Feeling Lucky
?
[#8577] - Core session code contains database r/w even when not using database
- Closed
- 25 May 2017
- Medium
- Build: master
- # 8577
The core session calls in libraries/cms/application/cms.php - loadSession(), checkSession() contains database code. Session handling shouldn't touch the database per se, only if a db storage provider is used. If 'none' or memcache/redis etc are used then database shouldn't be touched as it pretty much guarantees deadlocks and clashes, and makes Joomla unuseable on consistent db clusters.
I think this is what this PR is trying to fix?
joomla/joomla-cms#6608
Please consider fixing this, it's really important to use Joomla in HA/cluster environment.
brianteeman
- | Labels |
Added:
?
|
||
| Category | ⇒ | Libraries |
joomla-cms-bot
- 
franz-wohlkoenig
- | Status | New | ⇒ | Needs Review |
| Status | Needs Review | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2017-05-25 01:37:47 |
| Closed_By | ⇒ | mbabker |
All that PR fixes is doing the job of the session handler's
gc()method. The checkSession() method needs major rewrites as well. Going a step further, joomla-projects/joomla-pythagoras#62 identifies all flaws in current session handling code and fixing most of that is probably out of scope for the 3.x series unless there are some developers left who understand session handling and can clean the mess up.