Skip to content
This repository has been archived by the owner on Jan 31, 2020. It is now read-only.

session_regenerate_id error #70

Open
pensiero opened this issue Feb 1, 2017 · 9 comments
Open

session_regenerate_id error #70

pensiero opened this issue Feb 1, 2017 · 9 comments
Labels
awaiting author updates bug Needs tests

Comments

@pensiero
Copy link

pensiero commented Feb 1, 2017 

Warning: session_regenerate_id(): Session object destruction failed. ID: user (path: /var/lib/php/sessions) in /var/www/vendor/zendframework/zend-session/src/SessionManager.php on line 324

Using

PHP 7.0.13-0ubuntu0.16.04.1 (cli) ( NTS )
Copyright (c) 1997-2016 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2016 Zend Technologies
    with Zend OPcache v7.0.13-0ubuntu0.16.04.1, Copyright (c) 1999-2016, by Zend Technologies
    with Xdebug v2.4.0, Copyright (c) 2002-2016, by Derick Rethans
@pensiero
Copy link
Author

pensiero commented Feb 1, 2017

It seems something related to #67 and #46

@Ocramius
Copy link
Member

Ocramius commented Feb 2, 2017

@pensiero any affected versions? Any way to reproduce it with a test (@runInSeparateProcess stuff, maybe?)

@pensiero
Copy link
Author

pensiero commented Feb 14, 2017
edited
Loading

I found that it was related to this line:

$session->regenerateId(true);

that was part of this:

        $session = $event->getApplication()->getServiceManager()->get('Zend\Session\SessionManager');
        $session->start();

        $container = new Container('initialized');
        if (!isset($container->init)) {
            $serviceManager = $event->getApplication()->getServiceManager();
            $request = $serviceManager->get('request');

            $session->regenerateId(true);
            $container->init = 1;
            $container->remoteAddr = $request->getServer()->get('REMOTE_ADDR');
            $container->httpUserAgent = $request->getServer()->get('HTTP_USER_AGENT');

            $config = $serviceManager->get('config');
            if (!isset($config['session'])) {
                return;
            }

            $sessionConfig = $config['session'];
            if (isset($sessionConfig['validators'])) {
                $chain = $session->getValidatorChain();

                foreach ($sessionConfig['validators'] as $validator) {
                    switch ($validator) {
                        case 'Zend\Session\Validator\HttpUserAgent':
                            $validator = new $validator($container->httpUserAgent);
                            break;
                        case 'Zend\Session\Validator\RemoteAddr':
                            $validator = new $validator($container->remoteAddr);
                            break;
                        default:
                            $validator = new $validator();
                    }

                    $chain->attach('session.validate', [$validator, 'isValid']);
                }
            }
        }

that is part of the code written here: https://framework.zend.com/manual/2.4/en/modules/zend.session.manager.html

Can I safely remove that line?

@n0v3xx
Copy link

n0v3xx commented Sep 28, 2017

I have the same problem with PHP Version 7.1.9-1+ubuntu16.04.

@n0v3xx n0v3xx mentioned this issue Sep 28, 2017
Open
@n0v3xx
Copy link

n0v3xx commented Sep 28, 2017
edited
Loading

2017/09/28 18:18:28 [error] 413#413: 128 FastCGI sent in stderr: "PHP message: PHP Warning: session_regenerate_id(): Session object destruction failed. ID: user (path: /var/www/clients/client1/web1/tmp) in /var/www/clients/client1/web1/web/tags/2.0.0/vendor/zendframework/zend-session/src/SessionManager.php on line 329" while reading response header from upstream, client: 162.158., server: , request: "POST /user/login HTTP/1.1", upstream: "fastcgi://unix:/var/lib/php7.0-fpm/web1.sock:", host: "", referrer: "https://*/user/login"

@Ocramius , can you check this problem again? can you try the example from @pensiero

@n0v3xx
Copy link

n0v3xx commented Sep 28, 2017
edited
Loading

I dont know why but when the deleteOldSeession param is true the error occur. If the value on false all works well. I dont know if that a zend or php7 problem?

vendor/zendframework/zend-session/src/SessionManager.php

public function regenerateId($deleteOldSession = false)
    {
        if ($this->sessionExists()) {
            session_regenerate_id((bool) $deleteOldSession);
        }

        return $this;
    }

@Zebercet
Copy link

Any update on this? It's still gives error on tests but not on rest or http request.

@michalbundyra
Copy link
Member

@pensiero @n0v3xx
I've tried example from the docs and I am not getting any error.
What is your configuration (session_config/session_storage/session_manager)?

I've tried the following:

return [
    'session_config' => [
        'phpSaveHandler' => 'files',
    ],
    'session_storage' => [
        'type' => 'ArrayStorage',
    ],
    'session_manager' => [
        'config' => [
            'class' => Session\Config\SessionConfig::class,
            'options' => [
                'name' => 'myapp',
            ],
        ],
        'storage' => Session\Storage\SessionArrayStorage::class,
        'validators' => [
            Session\Validator\RemoteAddr::class,
            Session\Validator\HttpUserAgent::class,
        ],
    ],
];

@weierophinney weierophinney mentioned this issue Dec 31, 2019
Open
@weierophinney
Copy link
Member

This repository has been closed and moved to laminas/laminas-session; a new issue has been opened at laminas/laminas-session#8.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
awaiting author updates bug Needs tests
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@weierophinney @Ocramius @pensiero @n0v3xx @michalbundyra @Zebercet