Php/mysql session issue: large session db (with cookie) or only cookies?

aqw

Hi!

I have made a custom mysql session class and it works seamlessly.

However, I store all session variables in a session mysql table. In fact, this mysql session table is quite big (35 cols). That is needed to store all variables for the logged in users. Please note that I still have to have a tiny cookie storing the session id of course!

BUT

Wouldn't it be better to only store the session id and user uid in the database, and all the other fields (or session vars, parameters, ... call it what you want) in cookies??

=> Should I make 1 big cookie storing all the remaining 33 session fields (some hold up to 5k of text), or should I create multiple cookies to distribute the load?

If the cookies is very big, is there a risk the user computer will not accept it?

Thank you for your thoughts.

rehfeld

well, if you pass your data to the client in a cookie, they can manipulate it.

not sure if this would cause problems for your particular situation, but most likely it could.

also, then you are relying upon cookies. if the user has cookies dissabled, then you have no way to propagate the data. but if your just needing to have them carry a session id, you can pass the session id through the query string in the event cookies are dissabled. but i doubt you want to pass 35 cols of info through the query string too. hence why the concept of sesssions is good.

oh and yes, cookies do have a size limit. im sure each browser is different, but i think if you stay under 4k you will prob be safe. but, still, i think sessions would likely be a much better choice.

Weedpacket

Also note that storing the data in cookies will require the client to send all that cookie data - all 35 fields' worth - back to the server with every request it makes, whether the page being requested needs it or not (the client doesn't know).