session management in database

Anon

I am new to php (and web programming for that matter.) I am trying to decide what method of session handling would be most efficient, assuming a fairly large user base. By the way please feel free to suggest ant methods that may be better.

1) Add a session id and expiration time to a users record.

only one query per page and session management is unnecessary
forced to query the entire user database and seems like it might be a bad idea to alter a users record every time they visit a page.

2) Create a separate session table with a session id an expiration time and a user id.

if user info is not required on a particular page can authenticate a session by querying just the session table for fast results
querying two tables if user data required, creation of new record for each session and forced to perform regular maintenance on session table.

3) create a separate session table and store all of the users info in there.

fast queries
forced to copy all of the users data, forced to perform regular maintenance on session table and duplication of data could cause data management to get tricky

Well what do you think? Your feedback is appreciated.

Thanks
Don

Anon

What about the built-in session support in PHP 4.x? It can be used with cookie support or without it (session ID is automatically added to the end of the URL if cookies are off). There are lots of articles on this site dealing with sessions, just follow the "columns" link on the left hand side.

Tim Frank