Zend_Session Overrides php.ini Settings

Posted in PHP and Zend Framework on Monday, the 13th of July, 2009.

This post concerns some curious behaviour in Zend_Session. We spent about a day of developer time tracking this down, and I'm still a bit puzzled about it. It doesn't appear anywhere obvious in the documentation, and I haven't found a great deal on the web about it, so maybe this will save somebody some time, if nothing else.


Posted by Ciaran McNulty on Monday, the 13th of July, 2009.

It certainly seems to be an interesting choice - ignore PHP's mechanism for configuration and essentially reproduce it with a new option mechanism inside of Zend_Session.

I had a look through the SVN and it seems to have been added as part of a larger restructuring of the Session mechanism so I'm not sure where to find the motivations behind it.

Posted by Ciaran McNulty on Friday, the 12th of March, 2010.

To resurrect an old post...

The preferred answer to this in ZF seems to be to use Zend_Application_Resource_Session during your bootstrapping and specify the options there.

For an app that used Zend_Application that would be as simple as adding the following to the application.ini:

resources.session.use_only_cookies = Off
resources.session.use_trans_sid = On

I've not tested that of course but I can now see the point of ZF setting these things per-application.

Enter your comment: