why don't use native session_decode in rcube_session?

[kevinlam]

Is there any reason the team have to implement a custom function (rcube_session::unserialize) to decode the session string?

Why dont use native php session_decode ? We can even protect the $_SESSION variable by copying it to a dummy array before decoding any session string.

The decode/encode action runs every request and the speed of native function is much faster.

Can anyone explain to me?