Hi there,

I found that when doing large operations in the backend (like a batch action is converting a lot of images to create their thumbnails, etc) i can't browse Silverstripe anymore until the operation was finished.
Interestingly i could open another browser and i was able to work in ss.

I was playing around with PHP and HTTPD to make it multi-threading etc. to no avail.

Today I found out that SS is starting every time you access the CSM (frontend + backend) a new PHP session
sapphire/core/Session.php - Session::start()
@session_start();

The thing is, nowhere in ss the session is closed. No i tried to put a @session_write_close(); right after the session was started. The session information is written to the file and the session file on disk is no more locked.

The question now: Is it REALLY safe, doing this? What could happen "if"... ?
I haven't found negative side-effects until now. Browsing in the CMS seems to be much performant as well.

Is this only a flaw in Silverstripe or was it done that way intentionally?

Thanks,
MC

The whole function in session.php:

   public static function start($sid = null) {
      self::load_config();
      $path = self::get_cookie_path();
      $domain = self::get_cookie_domain();
      $secure = self::get_cookie_secure();

      if(!session_id() && !headers_sent()) {
         if($domain) {
            session_set_cookie_params(self::$timeout, $path, $domain, $secure /* secure */, true /* httponly */);
         } else {
            session_set_cookie_params(self::$timeout, $path, null, $secure /* secure */, true /* httponly */);
         }

         // @ is to supress win32 warnings/notices when session wasn't cleaned up properly
         // There's nothing we can do about this, because it's an operating system function!
         if($sid) session_id($sid);
         @session_start();
         @session_write_close(); // CHANGED: MCO - can we do this here ???
      }
   }