Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

[HttpFoundation] Use relative timestamps with MemcachedSessionHandler #48635

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Dec 14, 2022
Merged

[HttpFoundation] Use relative timestamps with MemcachedSessionHandler #48635

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 15 additions & 2 deletions 17 src/Symfony/Component/HttpFoundation/Session/Storage/Handler/MemcachedSessionHandler.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@ protected function doRead(string $sessionId)
#[\ReturnTypeWillChange]
public function updateTimestamp($sessionId, $data)
{
$this->memcached->touch($this->prefix.$sessionId, time() + (int) ($this->ttl ?? \ini_get('session.gc_maxlifetime')));
Copy link
Member

@derrabus derrabus Dec 13, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've read up how PHP's memcached extension interprets the values passed here: https://www.php.net/manual/en/memcached.expiration.php

tl;dr: If the passed integer is < 30 days in seconds, the value is considered to be a relative TTL. Otherwise, the value is assumed to be a UNIX timestamp.

My guess is that we added time() to be sure our relative TTL is never mistaken as a timestamp.

If we go back to relative TTLs again, I suggest we make sure our TTL is below that threshold and continue to add time() otherwise.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes indeed https://github.com/memcached/memcached/blob/master/doc/protocol.txt#L139

$this->memcached->touch($this->prefix.$sessionId, $this->getCompatibleTtl());

return true;
}
Expand All @@ -87,7 +87,20 @@ public function updateTimestamp($sessionId, $data)
*/
protected function doWrite(string $sessionId, string $data)
{
return $this->memcached->set($this->prefix.$sessionId, $data, time() + (int) ($this->ttl ?? \ini_get('session.gc_maxlifetime')));
return $this->memcached->set($this->prefix.$sessionId, $data, $this->getCompatibleTtl());
}

private function getCompatibleTtl(): int
{
$ttl = (int) ($this->ttl ?? \ini_get('session.gc_maxlifetime'));

// If the relative TTL that is used exceeds 30 days, memcached will treat the value as Unix time.
// We have to convert it to an absolute Unix time at this point, to make sure the TTL is correct.
if ($ttl > 60 * 60 * 24 * 30) {
$ttl += time();
}

return $ttl;
}

/**
Expand Down
20 changes: 19 additions & 1 deletion 20 ...ny/Component/HttpFoundation/Tests/Session/Storage/Handler/MemcachedSessionHandlerTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@

/**
* @requires extension memcached
*
* @group time-sensitive
*/
class MemcachedSessionHandlerTest extends TestCase
Expand Down Expand Up @@ -92,13 +93,30 @@ public function testWriteSession()
$this->memcached
->expects($this->once())
->method('set')
->with(self::PREFIX.'id', 'data', $this->equalTo(time() + self::TTL, 2))
->with(self::PREFIX.'id', 'data', $this->equalTo(self::TTL, 2))
->willReturn(true)
;

$this->assertTrue($this->storage->write('id', 'data'));
}

public function testWriteSessionWithLargeTTL()
{
$this->memcached
->expects($this->once())
->method('set')
->with(self::PREFIX.'id', 'data', $this->equalTo(time() + self::TTL + 60 * 60 * 24 * 30, 2))
->willReturn(true)
;

$storage = new MemcachedSessionHandler(
$this->memcached,
['prefix' => self::PREFIX, 'expiretime' => self::TTL + 60 * 60 * 24 * 30]
);

$this->assertTrue($storage->write('id', 'data'));
}

public function testDestroySession()
{
$this->memcached
Expand Down
Morty Proxy This is a proxified and sanitized view of the page, visit original site.