8

I was reading an article about long polling at Nolithius. Under the section PHP sleeps across the entire session, it is written that the session_write_close function should be called in order to prevent the entire session coming to a deadlock. What exactly is meant by deadlock here? Does it mean that without this function, any other page from the same domain opened in the client side won't be able to receive AJAX data from other scripts (like this one) until this one has finished executing and returned the result? Why should this happen? And how can session_write_close help here? Won't using it remove all personalization from the client side the next time he requests a page from this domain after he has received data from this request?

SexyBeast
  • 7,913
  • 28
  • 108
  • 196

1 Answers1

18

This is my understanding:

When file based sessions are used each request literally locks the file until the end of the request.

Meaning that the next request (that also uses the session data) has to wait for the lock to be released.

This is used to avoid session data corruption.

Using session_write_close() will clean up (but not lose any session data) and release the lock earlier on the file allowing other requests to continue.

This is good practice especially if you have scripts that sleep a lot, probably.

Alex Tartan
  • 6,736
  • 10
  • 34
  • 45
zaf
  • 22,776
  • 12
  • 65
  • 95
  • 1
    Will only that file which is sleeping be locked, or is the entire domain locked, thus not allowing other AJAX requests to other scripts, pageloads, etc? – SexyBeast Sep 13 '12 at 07:32
  • If you look at that way, yes, the whole domain will be locked - If you have all your scripts opening and using the session. The best is to selectively open and close the session when and where you need it - rather than script wide session access. – zaf Sep 13 '12 at 07:34
  • So if I use `session_write_close`, won't that terminate the session? That is, when the user requests another page from that domain, will he be starting a new session? – SexyBeast Sep 13 '12 at 07:36
  • To make it clear - the whole domain for a particular client will be locked. – zaf Sep 13 '12 at 07:37
  • That command does not flush/delete the session. So, no, the next request can have access to the same session data. – zaf Sep 13 '12 at 07:38
  • Then what exactly does the `session_write_close` do? – SexyBeast Sep 13 '12 at 07:38
  • "Write session data and end session" http://php.net/manual/en/function.session-write-close.php – zaf Sep 13 '12 at 07:39
  • Yeah I read that article. it says that the command ends the session. But you said it doesn't. What's the difference between flushing and ending a session? – SexyBeast Sep 13 '12 at 07:42
  • 1
    Ending a session means that you don't want to hold a lock on the data anymore. Flushing can have two meanings - 1) sending data in memory to the file and/or 2) deleteing the data. Just don't use this word if people don't know the context. – zaf Sep 13 '12 at 07:46
  • 2
    I'd advice using it always after you've done all changes to `$_SESSION` if possible. Especially if your PHP serves a lot of JSON the open session file may slow an AJAX application to crawl as each AJAX request becomes sequential. If you can't close it always then look at least the parts of your PHP which *resizes images* or *serve files* and take special care for closing the session before those operations, otherwise you may block the requests for considerable time. – Ciantic Sep 04 '13 at 10:26
  • I call a sleep(10) after calling the session_write_close(), but it is not working. when I call the page from the browser in two diffent tabs , the second one waits until the first one has finished to start executing. Is there another config in php that could be locking the script? – ElLocoCocoLoco Jun 10 '14 at 14:35