Session usage opinions

Anon

I'm trying to figure out if there is a point where storing and using SESSION variables becomes detrimental to an app. I'm developing a HelpDesk system that currently stores a handful of key variables (typical size of sess files are 300 to 500 bytes) in the session, but then uses POSTs and GETs to pass along non-critical or easily verified vars. The only problem with the mix-and-match of variable types is that it gets a little confusing sometimes when I'm trying to debug complicated verifications.

I've looked around online and haven't found much guidance, but I'm basically wondering, is there a known (or even assumed) point where it's considered to have "too much data" stored in a session var? Just to give ideas on where my usage is at, initial rollout of this app will have about 100 users logging in per day, 80% of which will be logged in for about 15 minutes, the other 20% might stay on all day. With low usage like I'm expecting, should I even be worried about "how big" session storage gets? Any opinions on what's considered "too much" _SESSION usage?

Thanks for any input.

juxstapose

Hiya,

My opinion is that sessions are great for maintaining login status and tracking minor things.

However, when you are storing a decent amount information the best route is a database.

It makes code cleaner and more readable and depending on the amount of information stored it is also faster.

-Mike