diff --git a/ext/session/php_session.h b/ext/session/php_session.h
index 5b4d3db64f48..9bf97cca02bf 100644
--- a/ext/session/php_session.h
+++ b/ext/session/php_session.h
@@ -273,38 +273,20 @@ PHPAPI const ps_serializer *_php_find_ps_serializer(const char *name);
 PHPAPI zend_result php_session_valid_key(const char *key);
 PHPAPI zend_result php_session_reset_id(void);
 
-#define PS_ADD_VARL(name) do {										\
-	php_add_session_var(name);							\
-} while (0)
-
-#define PS_ADD_VAR(name) PS_ADD_VARL(name)
-
-#define PS_DEL_VARL(name) do {										\
-	if (!Z_ISNULL(PS(http_session_vars))) {							\
-		zend_hash_del(Z_ARRVAL(PS(http_session_vars)), name);		\
-	}																\
-} while (0)
-
-
-#define PS_ENCODE_VARS 												\
-	zend_string *key;												\
-	zend_ulong num_key;													\
-	zval *struc;
-
 /* Do not use a return statement in `code` because that may leak memory.
  * Break out of the loop instead. */
 #define PS_ENCODE_LOOP(code) do {									\
 	zval _zv;														\
 	/* protect against user interference */							\
 	ZVAL_COPY(&_zv, Z_REFVAL(PS(http_session_vars)));				\
-	HashTable *_ht = Z_ARRVAL(_zv);									\
-	ZEND_HASH_FOREACH_KEY(_ht, num_key, key) {						\
+	ZEND_HASH_FOREACH_KEY(Z_ARRVAL(_zv), zend_ulong num_key, zend_string * key) { \
 		if (key == NULL) {											\
 			php_error_docref(NULL, E_WARNING,						\
 					"Skipping numeric key " ZEND_LONG_FMT, num_key);\
 			continue;												\
 		}															\
-		if ((struc = php_get_session_var(key))) {					\
+		zval *struc = php_get_session_var(key);						\
+		if (struc) {												\
 			code;		 											\
 		} 															\
 	} ZEND_HASH_FOREACH_END();										\
diff --git a/ext/session/session.c b/ext/session/session.c
index cd957369c5e2..7578a038eadd 100644
--- a/ext/session/session.c
+++ b/ext/session/session.c
@@ -102,7 +102,7 @@ zend_class_entry *php_session_update_timestamp_iface_entry;
 
 static zend_result php_session_send_cookie(void);
 static zend_result php_session_abort(void);
-static void proposed_session_id_to_session_id(zval *proposed_session_id);
+static void proposed_session_id_to_session_id(const zval *proposed_session_id);
 
 /* Initialized in MINIT, readonly otherwise. */
 static int my_module_number = 0;
@@ -286,7 +286,7 @@ static ZEND_COLD void php_session_cancel_decode(void)
 	php_error_docref(NULL, E_WARNING, "Failed to decode session object. Session has been destroyed");
 }
 
-static zend_result php_session_decode(zend_string *data)
+static zend_result php_session_decode(const zend_string *data)
 {
     ZEND_ASSERT(PS(serializer));
 	zend_result result = SUCCESS;
@@ -567,8 +567,6 @@ static void php_session_save_current_state(bool write)
 
 static void php_session_normalize_vars(void)
 {
-	PS_ENCODE_VARS;
-
 	IF_SESSION_VARS() {
 		PS_ENCODE_LOOP(
 			if (Z_TYPE_P(struc) == IS_PTR) {
@@ -655,17 +653,17 @@ static PHP_INI_MH(OnUpdateSaveDir)
 
 	/* Only do the open_basedir check at runtime */
 	if (stage == PHP_INI_STAGE_RUNTIME || stage == PHP_INI_STAGE_HTACCESS) {
-		char *p;
-
 		if (memchr(ZSTR_VAL(new_value), '\0', ZSTR_LEN(new_value)) != NULL) {
 			return FAILURE;
 		}
 
 		/* we do not use zend_memrchr() since path can contain ; itself */
-		if ((p = strchr(ZSTR_VAL(new_value), ';'))) {
-			char *p2;
+		const char *p = strchr(ZSTR_VAL(new_value), ';');
+		if (p) {
 			p++;
-			if ((p2 = strchr(p, ';'))) {
+
+			const char *p2 = strchr(p, ';');
+			if (p2) {
 				p = p2 + 1;
 			}
 		} else {
@@ -988,7 +986,6 @@ PS_SERIALIZER_ENCODE_FUNC(php_binary)
 {
 	smart_str buf = {0};
 	php_serialize_data_t var_hash;
-	PS_ENCODE_VARS;
 
 	PHP_VAR_SERIALIZE_INIT(var_hash);
 
@@ -1052,7 +1049,6 @@ PS_SERIALIZER_ENCODE_FUNC(php)
 	smart_str buf = {0};
 	php_serialize_data_t var_hash;
 	bool fail = false;
-	PS_ENCODE_VARS;
 
 	PHP_VAR_SERIALIZE_INIT(var_hash);
 
@@ -1197,7 +1193,7 @@ PHPAPI zend_result php_session_update_timestamp(PS_UPDATE_TIMESTAMP_ARGS) {
    ****************** */
 
 typedef struct {
-	char *name;
+	const char *name;
 	void (*func)(void);
 } php_session_cache_limiter_t;
 
@@ -1472,8 +1468,6 @@ PHPAPI const ps_serializer *_php_find_ps_serializer(const char *name)
 
 static bool should_invalidate_session_for_external_referer(void)
 {
-	zval *referer_data;
-
 	/* No external referer check configured */
 	if (!PS(id) || PS(extern_referer_chk)[0] == '\0') {
 		return false;
@@ -1485,7 +1479,7 @@ static bool should_invalidate_session_for_external_referer(void)
 	}
 
 	/* Get HTTP_REFERER header */
-	referer_data = zend_hash_str_find(Z_ARRVAL(PG(http_globals)[TRACK_VARS_SERVER]), ZEND_STRL("HTTP_REFERER"));
+	const zval *referer_data = zend_hash_str_find(Z_ARRVAL(PG(http_globals)[TRACK_VARS_SERVER]), ZEND_STRL("HTTP_REFERER"));
 	if (!referer_data || Z_TYPE_P(referer_data) != IS_STRING || Z_STRLEN_P(referer_data) == 0) {
 		return false;
 	}
@@ -1496,7 +1490,7 @@ static bool should_invalidate_session_for_external_referer(void)
 
 static void try_find_session_id_in_global(const char *global_name, size_t global_name_len)
 {
-	zval *global_data, *potential_session_id;
+	zval *global_data;
 
 	if (PS(id)) {
 		return;
@@ -1512,7 +1506,7 @@ static void try_find_session_id_in_global(const char *global_name, size_t global
 		return;
 	}
 
-	potential_session_id = zend_hash_find(Z_ARRVAL_P(global_data), PS(session_name));
+	const zval *potential_session_id = zend_hash_find(Z_ARRVAL_P(global_data), PS(session_name));
 	if (potential_session_id) {
 		proposed_session_id_to_session_id(potential_session_id);
 	}
@@ -1541,7 +1535,7 @@ static bool php_can_change_session_setting(const char *setting_name, bool check_
 
 static void try_find_session_id_in_cookies(void)
 {
-	zval *cookie_data, *potential_session_id;
+	zval *cookie_data;
 
 	if (!PS(use_cookies) || PS(id)) {
 		return;
@@ -1557,7 +1551,7 @@ static void try_find_session_id_in_cookies(void)
 		return;
 	}
 
-	potential_session_id = zend_hash_find(Z_ARRVAL_P(cookie_data), PS(session_name));
+	const zval *potential_session_id = zend_hash_find(Z_ARRVAL_P(cookie_data), PS(session_name));
 	if (potential_session_id) {
 		proposed_session_id_to_session_id(potential_session_id);
 		PS(send_cookie) = false;
@@ -1565,7 +1559,7 @@ static void try_find_session_id_in_cookies(void)
 	}
 }
 
-static void proposed_session_id_to_session_id(zval *proposed_session_id) {
+static void proposed_session_id_to_session_id(const zval *proposed_session_id) {
 	ZVAL_DEREF(proposed_session_id);
 	if (Z_TYPE_P(proposed_session_id) == IS_STRING) {
 		PS(id) = zend_string_copy(Z_STR_P(proposed_session_id));
@@ -1658,7 +1652,7 @@ PHPAPI zend_result php_session_reset_id(void)
 
 PHPAPI zend_result php_session_start(void)
 {
-	char *value;
+	const char *value;
 
 	switch (PS(session_status)) {
 		case php_session_active:
@@ -2835,18 +2829,14 @@ static zend_result php_rinit_session(bool auto_start)
 
 	PS(mod) = NULL;
 	{
-		char *value;
-
-		value = zend_ini_string(ZEND_STRL("session.save_handler"), false);
+		const char *value = zend_ini_string(ZEND_STRL("session.save_handler"), false);
 		if (value) {
 			PS(mod) = _php_find_ps_module(value);
 		}
 	}
 
 	if (PS(serializer) == NULL) {
-		char *value;
-
-		value = zend_ini_string(ZEND_STRL("session.serialize_handler"), false);
+		const char *value = zend_ini_string(ZEND_STRL("session.serialize_handler"), false);
 		if (value) {
 			PS(serializer) = _php_find_ps_serializer(value);
 		}
@@ -3051,7 +3041,7 @@ static PHP_MINFO_FUNCTION(session)
    * Upload hook handling *
    ************************ */
 
-static bool early_find_sid_in(zval *dest, int where, php_session_rfc1867_progress *progress)
+static bool early_find_sid_in(zval *dest, int where)
 {
 	zval *potential_session_id;
 
@@ -3074,7 +3064,7 @@ static void php_session_rfc1867_early_find_sid(php_session_rfc1867_progress *pro
 
 	if (PS(use_cookies)) {
 		sapi_module.treat_data(PARSE_COOKIE, NULL, NULL);
-		if (early_find_sid_in(&progress->sid, TRACK_VARS_COOKIE, progress)) {
+		if (early_find_sid_in(&progress->sid, TRACK_VARS_COOKIE)) {
 			progress->apply_trans_sid = false;
 			return;
 		}
@@ -3083,10 +3073,10 @@ static void php_session_rfc1867_early_find_sid(php_session_rfc1867_progress *pro
 		return;
 	}
 	sapi_module.treat_data(PARSE_GET, NULL, NULL);
-	early_find_sid_in(&progress->sid, TRACK_VARS_GET, progress);
+	early_find_sid_in(&progress->sid, TRACK_VARS_GET);
 }
 
-static bool php_check_cancel_upload(php_session_rfc1867_progress *progress)
+static bool php_check_cancel_upload(const php_session_rfc1867_progress *progress)
 {
 	zval *progress_ary, *cancel_upload;
 
@@ -3136,7 +3126,7 @@ static void php_session_rfc1867_update(php_session_rfc1867_progress *progress, b
 	php_session_flush(true);
 }
 
-static void php_session_rfc1867_cleanup(php_session_rfc1867_progress *progress)
+static void php_session_rfc1867_cleanup(const php_session_rfc1867_progress *progress)
 {
 	php_session_initialize();
 	PS(session_status) = php_session_active;
@@ -3164,14 +3154,14 @@ static zend_result php_session_rfc1867_callback(unsigned int event, void *event_
 
 	switch(event) {
 		case MULTIPART_EVENT_START: {
-			multipart_event_start *data = (multipart_event_start *) event_data;
+			const multipart_event_start *data = event_data;
 			progress = ecalloc(1, sizeof(php_session_rfc1867_progress));
 			progress->content_length = data->content_length;
 			PS(rfc1867_progress) = progress;
 		}
 		break;
 		case MULTIPART_EVENT_FORMDATA: {
-			multipart_event_formdata *data = (multipart_event_formdata *) event_data;
+			const multipart_event_formdata *data = event_data;
 			size_t value_len;
 
 			if (Z_TYPE(progress->sid) && progress->key.s) {
@@ -3204,7 +3194,7 @@ static zend_result php_session_rfc1867_callback(unsigned int event, void *event_
 		}
 		break;
 		case MULTIPART_EVENT_FILE_START: {
-			multipart_event_file_start *data = (multipart_event_file_start *) event_data;
+			const multipart_event_file_start *data = event_data;
 
 			/* Do nothing when $_POST["PHP_SESSION_UPLOAD_PROGRESS"] is not set
 			 * or when we have no session id */
@@ -3265,7 +3255,7 @@ static zend_result php_session_rfc1867_callback(unsigned int event, void *event_
 		}
 		break;
 		case MULTIPART_EVENT_FILE_DATA: {
-			multipart_event_file_data *data = (multipart_event_file_data *) event_data;
+			const multipart_event_file_data *data = event_data;
 
 			if (!Z_TYPE(progress->sid) || !progress->key.s) {
 				break;
@@ -3278,7 +3268,7 @@ static zend_result php_session_rfc1867_callback(unsigned int event, void *event_
 		}
 		break;
 		case MULTIPART_EVENT_FILE_END: {
-			multipart_event_file_end *data = (multipart_event_file_end *) event_data;
+			const multipart_event_file_end *data = event_data;
 
 			if (!Z_TYPE(progress->sid) || !progress->key.s) {
 				break;
@@ -3297,7 +3287,7 @@ static zend_result php_session_rfc1867_callback(unsigned int event, void *event_
 		}
 		break;
 		case MULTIPART_EVENT_END: {
-			multipart_event_end *data = (multipart_event_end *) event_data;
+			const multipart_event_end *data = event_data;
 
 			if (Z_TYPE(progress->sid) && progress->key.s) {
 				if (PS(rfc1867_cleanup)) {