Where to Store the Sessions


Usually, session data is stored in files. The location of these files is set in the php.ini directive session.save_path. Of course, this path must (a) exist and (b) be readable and writable for the PHP process (usually, the process of the web server). Otherwise, the session information cannot be stored.

However, when you have a lot of users and, therefore, a lot of sessions, PHP should not put all session files in one directory because this might cause some serious performance issues. The following syntax allows PHP to move session data into many subdirectories:

 session.save_path = "n;/tmp" 

This creates subdirectories up to the level of n within the /tmp directory. However, these subdirectories have to exist so that PHP's session mechanism can write into them; for this, there exists the shell script mod_files.sh in the ext/session directory.

Of course, only the web server should be allowed to read this directory; otherwise, other users in the system could be able to read session information with possibly sensitive data.




PHP Phrasebook
PHP Phrasebook
ISBN: 0672328178
EAN: 2147483647
Year: 2005
Pages: 193

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net