Storing PHP Sessions in a Database - Why did they fail?

(Page 2 of 8 )

Sessions, by default, write to a temporary file on the web server.  So if you choose to store data in your session (a user's name, for example), it is available on any page just by reading from the session.  This works great, until you bring more servers into the equation.

Think about this for a moment.  Let's say you have three web servers, all with the same website on them.  Furthermore, these web servers are set up as a round robin.  A round robin means that when a new request comes in, it's handed to the next server in the series.  So with three web servers, requests would be handled in the order of "1, 2, 3, 1, 2, 3, etc."  This means that, as a visitor is surfing your site, they are potentially visiting different servers in the same session.  With an intelligent load balancer, the handling of connections is not as crude, but it is still possible for a user to visit a different server with each click of the mouse.

So now, let's take the users on your site.  As they click through your web pages, they will be moving from server to server.  So if you saved something to a session variable while you were on server 1, it would not be available to you if your next click took you to server 3.  This doesn't mean that you coded your application incorrectly, it merely means you need to reconsider the session configuration.

With more than one server hosting the same website, your options narrow.  If you wish to keep using disk space to store your session information, then all of your web servers need to mount the same share, so they all have access to the file.  Another option, and the one we are going to explore in better detail, is to store your session inside a database instead of on disk.  This way, your session information is available no matter which web server you are on.

Luckily, PHP has a built-in ability to override its default session handling.  The function session_set_save_handler() lets the programmer specify which functions should actually be called when it is time to read or write session information.

Next: Overriding the session storage >>
 

More PHP Articles
More By Rich Smith

Comments On: Storing PHP Sessions in a Database

· I actually needed this logic for a recent implementation. I thought my experience...    · Do people still consider using 'global' to be a good idea? Wouldn't it be better to...    · Actually, you are correct. My own session class has alot of extra site-specific...    · Hey, Rich, I'm glad you took the time to put this into an article. It's a really...    · I require this session after login and encounter following error.Fatal error:...    · Yes. You need to change the DB logic in the class to use your DB calls, or straight...    · Sorry but I still don't understand. I created the exact same table "session" like...    · The db_query() call is a custom db class that my application uses. If you are using...   >>> Post your comment now!