Title: Eric Mann's Replies - page 2 | WordPress.org
---
# Eric Mann
[ ](https://wordpress.org/support/users/ericmann/)
* [Profile](https://wordpress.org/support/users/ericmann/)
* [Topics Started](https://wordpress.org/support/users/ericmann/topics/)
* [Replies Created](https://wordpress.org/support/users/ericmann/replies/)
* [Reviews Written](https://wordpress.org/support/users/ericmann/reviews/)
* [Topics Replied To](https://wordpress.org/support/users/ericmann/replied-to/)
* [Engagements](https://wordpress.org/support/users/ericmann/engagements/)
* [Favorites](https://wordpress.org/support/users/ericmann/favorites/)
Search replies:
## Forum Replies Created
Viewing 15 replies - 16 through 30 (of 681 total)
[←](https://wordpress.org/support/users/ericmann/replies/?output_format=md) [1](https://wordpress.org/support/users/ericmann/replies/?output_format=md)
2 [3](https://wordpress.org/support/users/ericmann/replies/page/3/?output_format=md)…
[44](https://wordpress.org/support/users/ericmann/replies/page/44/?output_format=md)
[45](https://wordpress.org/support/users/ericmann/replies/page/45/?output_format=md)
[46](https://wordpress.org/support/users/ericmann/replies/page/46/?output_format=md)
[→](https://wordpress.org/support/users/ericmann/replies/page/3/?output_format=md)
* Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
In
reply to: [[WP Session Manager] Issue after update](https://wordpress.org/support/topic/issue-after-update-4/)
* Plugin Author [Eric Mann](https://wordpress.org/support/users/ericmann/)
* (@ericmann)
* [8 years, 2 months ago](https://wordpress.org/support/topic/issue-after-update-4/#post-9974663)
* I don’t know what plugin this is that’s having an issue, but no, the plugin isn’t
that kind of backwards compatible.
* The `wp_session` object itself is an array and pulling items out of it will return
the item that’s stored. It sound like the `tarot_cards` item in the session is
already an array. The old `toArray()` method was used to convert an array-
like object to an array and is no longer needed here at all.
* Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
In
reply to: [[WP Session Manager] Fatal Error with Ninja Forms](https://wordpress.org/support/topic/fatal-error-with-ninja-forms/)
* Plugin Author [Eric Mann](https://wordpress.org/support/users/ericmann/)
* (@ericmann)
* [8 years, 2 months ago](https://wordpress.org/support/topic/fatal-error-with-ninja-forms/#post-9974648)
* This is what happens when people copy-paste someone else’s code into their own
projects. Sadly this isn’t something I can correct in my own plugin as
the functionality of `wp_session_cache_expire()` has drastically changed and
I can’t fall back to the old version.
* I’d recommend pining Ninja Forms directly (and will try to follow up with them
myself when I get a chance).
* Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
In
reply to: [[WP Session Manager] Tutorial for using encryption](https://wordpress.org/support/topic/tutorial-for-using-encryption/)
* Plugin Author [Eric Mann](https://wordpress.org/support/users/ericmann/)
* (@ericmann)
* [8 years, 3 months ago](https://wordpress.org/support/topic/tutorial-for-using-encryption/#post-9934636)
* I should add this to the FAQ, but there are some quick instructions listed with
the underlying Sessionz library: [https://github.com/ericmann/sessionz#encryptionhandler](https://github.com/ericmann/sessionz#encryptionhandler).
Copying here for simplicity …
* Sessions stored on disk (the default implementation) or in a separate storage
system (Memcache, MySQL, or similar) should be encrypted at rest. This handler
will automatically encrypt any information passing through it on write and decrypt
data on read. It does not store data on its own.
* This handler requires a symmetric encryption key when it’s instantiated. This
key should be an ASCII-safe string, 32 bytes in length. You can easily use Defuse
PHP Encryption (a dependency of this library) to generate a new key:
* ```
$rawKey = Defuse\Crypto\Key::createNewRandomKey();
$key = $rawKey->saveToAsciiSafeString();
```
* Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
In
reply to: [[WP Session Manager] Site Crash with 2.0.2](https://wordpress.org/support/topic/site-crash-with-2-0-2/)
* Plugin Author [Eric Mann](https://wordpress.org/support/users/ericmann/)
* (@ericmann)
* [8 years, 3 months ago](https://wordpress.org/support/topic/site-crash-with-2-0-2/#post-9934629)
* You can always email me directly at [eric@eamann.com](https://wordpress.org/support/users/ericmann/replies/page/2/eric@eamann.com?output_format=md).
* If you want further security and privacy, my GPG public key is listed on Keybase:
[https://keybase.io/eamann](https://keybase.io/eamann)
* Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
In
reply to: [[WP Session Manager] Understanding Garbage Collection](https://wordpress.org/support/topic/understanding-garbage-collection-2/)
* Plugin Author [Eric Mann](https://wordpress.org/support/users/ericmann/)
* (@ericmann)
* [8 years, 3 months ago](https://wordpress.org/support/topic/understanding-garbage-collection-2/#post-9918074)
* Garbage collection of sessions in PHP is somewhat random. It’s managed by two
other INI settings: session.gc_divisor (default 100) and session.gc_probability(
default 1).
* (See: [http://php.net/manual/en/session.configuration.php#ini.session.gc-probability](http://php.net/manual/en/session.configuration.php#ini.session.gc-probability))
* There is a session.gc_probability / session.gc_divisor chance that garbage collection
will run on any given request. By default, that means only a 1% chance of garbage
collection running.
* Why this isn’t more deterministic is beyond me, but I’m sure there’s a reason
PHP is built that way.
* Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
In
reply to: [[WP Session Manager] Site Crash with 2.0.2](https://wordpress.org/support/topic/site-crash-with-2-0-2/)
* Plugin Author [Eric Mann](https://wordpress.org/support/users/ericmann/)
* (@ericmann)
* [8 years, 3 months ago](https://wordpress.org/support/topic/site-crash-with-2-0-2/#post-9918023)
* [@barbio](https://wordpress.org/support/users/barbio/), I have the same question:
Can you access the system error logs on your host? I can’t debug or even diagnose
the issue further without more information about what happened on your system.
* Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
In
reply to: [[WP Session Manager] WP Session creates database error](https://wordpress.org/support/topic/wp-session-creates-database-error/)
* Plugin Author [Eric Mann](https://wordpress.org/support/users/ericmann/)
* (@ericmann)
* [8 years, 3 months ago](https://wordpress.org/support/topic/wp-session-creates-database-error/#post-9880184)
* I’m super curious what other code is calling `session_start()`, but that’s beside
the point.
* I added some more defensive coding in v3.0.3 (just released) that checks to see
if the session is active before calling `session_start()`. If it’s already been
started by some other code, then I won’t run a duplicate call.
* Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
In
reply to: [[WP Session Manager] session_value is empty](https://wordpress.org/support/topic/session_value-is-empty/)
* Plugin Author [Eric Mann](https://wordpress.org/support/users/ericmann/)
* (@ericmann)
* [8 years, 3 months ago](https://wordpress.org/support/topic/session_value-is-empty/#post-9875725)
* Version 2 stored data in the database a bit differently than version 3. In addition,
version 2 used the old `_wp_session` cookie to identify a session whereas version
3 uses the standard `PHPSESSID` cookie.
* In version 2, a serialized array of data is printed into the database. It’s then
deserialized when it comes back out and pushed into the state container of the`
WP_Session` object.
* Version 3 uses native sessions, which use a different and incompatible
serialization format. Upgrading to version 3 will render existing sessions inoperable.
* The reason this was a 3.X release instead of a 2.1 release was because of this
breakage. Upgrading across major versions will flush data.
* Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
In
reply to: [[WP Session Manager] WP Session creates database error](https://wordpress.org/support/topic/wp-session-creates-database-error/)
* Plugin Author [Eric Mann](https://wordpress.org/support/users/ericmann/)
* (@ericmann)
* [8 years, 3 months ago](https://wordpress.org/support/topic/wp-session-creates-database-error/#post-9875722)
* The `session_start()` call will either start a new session or resume an existing
one. Without that call, `$_SESSION` won’t be populated at all. See [http://php.net/manual/en/function.session-start.php](http://php.net/manual/en/function.session-start.php)
for reference.
* Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
In
reply to: [[WP Session Manager] Delete _wp_session cookie?](https://wordpress.org/support/topic/delete-_wp_session-cookie/)
* Plugin Author [Eric Mann](https://wordpress.org/support/users/ericmann/)
* (@ericmann)
* [8 years, 3 months ago](https://wordpress.org/support/topic/delete-_wp_session-cookie/#post-9875721)
* The plugin won’t automatically delete any cookies, but that cookie won’t be used
by the plugin moving forward. It will eventually expire for anyone who already
has it, and users visiting a site for the first time won’t see it at all.
* The cookie was just an identifier and did not store any data, so there’s no risk
in leaving it there.
* Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
In
reply to: [[WP Session Manager] Plugin gets disabled by Pagely](https://wordpress.org/support/topic/plugin-gets-disabled-by-pagely/)
* Plugin Author [Eric Mann](https://wordpress.org/support/users/ericmann/)
* (@ericmann)
* [8 years, 3 months ago](https://wordpress.org/support/topic/plugin-gets-disabled-by-pagely/#post-9874744)
* Versions above 2.0 use a custom database table to avoid overloading options.
Versions above 3.0 use native sessions so you can leverage the standard PHP session
cookie. The latest versions should play nicely with Pagely and other hosts.
* Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
In
reply to: [[WP Session Manager] I Have A Massive Amount of Sessions in wp-options](https://wordpress.org/support/topic/i-have-a-massive-amount-of-sessions-in-wp-options/)
* Plugin Author [Eric Mann](https://wordpress.org/support/users/ericmann/)
* (@ericmann)
* [8 years, 3 months ago](https://wordpress.org/support/topic/i-have-a-massive-amount-of-sessions-in-wp-options/#post-9874736)
* Version 2.0 introduced a custom database table to keep sessions entirely out
of the options table. I’d suggest upgrading to the latest version (v3.0.2 at
the time of this writing) to leverage the enhanced performance that custom table
gives you.
* I’d also suggest configuring your backups to not back up the custom table
at all.
* Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
In
reply to: [[WP Session Manager] More sessions that visits](https://wordpress.org/support/topic/more-sessions-that-visits/)
* Plugin Author [Eric Mann](https://wordpress.org/support/users/ericmann/)
* (@ericmann)
* [8 years, 3 months ago](https://wordpress.org/support/topic/more-sessions-that-visits/#post-9874727)
* These issues were the driving force between rewriting things in versions 2 and
3. Version 2.0 introduced a separate database table (for more efficient reads/
writes/cleanups). Version 3.0 refactored the entire system to use native PHP
sessions instead of a custom object (that was prone to duplicating effort in
certain places).
* Almost all of the configuration can now be handled with PHP’s runtime INI configuration,
and the custom DB table can be purged as often as needed (even by an external
system, if necessary).
* Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
In
reply to: [[WP Session Manager] Session Expire](https://wordpress.org/support/topic/session-expire/)
* Plugin Author [Eric Mann](https://wordpress.org/support/users/ericmann/)
* (@ericmann)
* [8 years, 3 months ago](https://wordpress.org/support/topic/session-expire/#post-9874718)
* That filter is no longer available as of version 3.0. The newest versions use
native PHP sessions and will need to be [configured using PHP INI settings](http://php.net/manual/en/session.configuration.php).
* Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
In
reply to: [[WP Session Manager] Control when session starts/stops](https://wordpress.org/support/topic/control-when-session-starts-stops/)
* Plugin Author [Eric Mann](https://wordpress.org/support/users/ericmann/)
* (@ericmann)
* [8 years, 3 months ago](https://wordpress.org/support/topic/control-when-session-starts-stops/#post-9874710)
* The plugin no longer uses a `_wp_session` cookie and, as of v3.0, uses native
PHP sessions (and the standard `PHPSESSID` cookie). Sessions start by default
on the `plugins_loaded` event if not started some other way.
* Thinking out loud … you might be able to unhook that particular event,
then wire up `session_start()` where you need it explicitly. As for destroying
a session, the default `session_destroy()` will purge the data and kill the cookie.
Viewing 15 replies - 16 through 30 (of 681 total)
[←](https://wordpress.org/support/users/ericmann/replies/?output_format=md) [1](https://wordpress.org/support/users/ericmann/replies/?output_format=md)
2 [3](https://wordpress.org/support/users/ericmann/replies/page/3/?output_format=md)…
[44](https://wordpress.org/support/users/ericmann/replies/page/44/?output_format=md)
[45](https://wordpress.org/support/users/ericmann/replies/page/45/?output_format=md)
[46](https://wordpress.org/support/users/ericmann/replies/page/46/?output_format=md)
[→](https://wordpress.org/support/users/ericmann/replies/page/3/?output_format=md)