Session Storage in File or DB?

austingecko

Session variables are stored in files by default, but can be stored in a database as long as session.save_handler=user.

It makes sense that session information is better organized and accessible if stored in a database. As admin, I can organize and access session variables more easily than if the session variables are stored in files. I can directly associate the variables with each user.

However, and I can be wrong, doesn't the storage of session variables in the db bring multiple db queries which could slow a site down? More so than storing session variables in files?

dancahill

session open, reads & writes when stored in the data layer will mean additional database access which will slow things down.

In my opinion it depends on the size of the app & the desire for futre scalability. Session management in the business logic makes sense for small 3-tier architectures in terms of speed & ease.

If there is either a current need or imagined future need for the middle tier to be distributed over multiple web servers then clearly session management will have to be handled in the data layer to allow load-balancing across the business layer.

Yes storing session info in the data layer will allow a higher level of organisation but the question is, is it really necessary for what you want to do?.