Web App config vars in $_SESSION or query from DB each page load?

Chris_96_WS6

Just curious what the opinions here are on which approach is best for storing configuration and/or user variables/properties for a web app:

1) Store in DB and query/initialize (possibly as object) with every page load.

2) Query from DB on login and store in $_SESSION.

The upside of approach 2 is obviously that you remove one query from every page of your app. The downside is, well, I'm not really sure about the downside other than I always stay very aware of how much data I'm trying to stuff into $_SESSION.

I've coded apps both ways, but would be interested in knowing what the prevailing arrangement is.

etully

Wow. That's a good question.

The upside that you list (remove one query from every page of your app) might have less impact than you think. Establishing a session adds a little bit of load, a little RAM and some disk access. I don't know how it compares to a single DB query but that could be easily benchmarked.

My wild guess is that (A) each of these two techniques are pretty close to eachother in performance, (😎 which one is right will depend on the site, and (C) they can each be tweaked to perfection through careful optimization with tools like memcache and such.

I'd really like to see some of the experts weigh in on this.

Weedpacket

One noticeable down side is that now the information is stored in two places, and when it changes you have to make sure it's changed in both places.

bpat1434

Let's also not forget that storing things in the session can be dangerous as the Session can be tampered with 🙁 So always reading from the database can sometimes be a good idea.

If it's a small app where the configuration won't change often, then I'd say it's relatively "okay" to store some config data in the session. If you're working on a larger app though, perhaps a Configuration object would be in order for you. Then you can just quickly get all rows from your db config, store them in an object and when you need the data, you're working on a "cached" copy during the rest of the request. THen with each request, that object gets repopulated and voila! You have updates to every user with a minimal overhead of queries.