Comments on: Important database session limitation http://nuts-and-bolts-of-cakephp.com/2010/07/07/important-database-session-limitation/ Thu, 02 Feb 2012 09:32:41 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: teknoid http://nuts-and-bolts-of-cakephp.com/2010/07/07/important-database-session-limitation/#comment-11296 teknoid Wed, 02 Feb 2011 17:37:26 +0000 http://teknoid.wordpress.com/?p=1022#comment-11296 @Cristiano Whole model... or model data? I would not recommend storing the entire object in the session. As far as any special chars, whenever information is saved into the DB cake takes special care of escaping all fields and values. @Cristiano
Whole model… or model data?
I would not recommend storing the entire object in the session. As far as any special chars, whenever information is saved into the DB cake takes special care of escaping all fields and values.

]]> By: Cristiano http://nuts-and-bolts-of-cakephp.com/2010/07/07/important-database-session-limitation/#comment-11295 Cristiano Wed, 02 Feb 2011 16:39:25 +0000 http://teknoid.wordpress.com/?p=1022#comment-11295 Consider that you are storing a whole model on the session and this model already has some html or special chars in it. Wouldn't this break the db session in a similar way that a sql injection would do with a database? Consider that you are storing a whole model on the session and this model already has some html or special chars in it. Wouldn’t this break the db session in a similar way that a sql injection would do with a database?

]]> By: teknoid http://nuts-and-bolts-of-cakephp.com/2010/07/07/important-database-session-limitation/#comment-11248 teknoid Fri, 24 Dec 2010 22:30:19 +0000 http://teknoid.wordpress.com/?p=1022#comment-11248 @Michael Remember that cake serializes the session object data. One known issue (perhaps in older versions) of PHP is that serialization can fail when certain (null or empty line) characters are stored in the session. Unfortunately I don't have a link handy, but a little googlin' might give more insight. @Michael

Remember that cake serializes the session object data. One known issue (perhaps in older versions) of PHP is that serialization can fail when certain (null or empty line) characters are stored in the session. Unfortunately I don’t have a link handy, but a little googlin’ might give more insight.

]]> By: Michael http://nuts-and-bolts-of-cakephp.com/2010/07/07/important-database-session-limitation/#comment-11246 Michael Fri, 24 Dec 2010 11:40:37 +0000 http://teknoid.wordpress.com/?p=1022#comment-11246 One benefit to store sessions in DB is using cluster for web site and two DBs with master to master replication. We're trying to setup it. But by some reason session is stored partially. Even with LONGTEXT data field. Have no idea why. One benefit to store sessions in DB is using cluster for web site and two DBs with master to master replication. We’re trying to setup it. But by some reason session is stored partially. Even with LONGTEXT data field. Have no idea why.

]]> By: seozest http://nuts-and-bolts-of-cakephp.com/2010/07/07/important-database-session-limitation/#comment-10397 seozest Wed, 21 Jul 2010 10:58:02 +0000 http://teknoid.wordpress.com/?p=1022#comment-10397 Great info.Thanks for sharing Use of sessions for DB is new for me. Great info.Thanks for sharing
Use of sessions for DB is new for me.

]]> By: Dan http://nuts-and-bolts-of-cakephp.com/2010/07/07/important-database-session-limitation/#comment-10289 Dan Thu, 08 Jul 2010 05:23:57 +0000 http://teknoid.wordpress.com/?p=1022#comment-10289 Good to know. This is probably one of those things that I or a friend will run into at some point. Thanks for the tip. Good to know. This is probably one of those things that I or a friend will run into at some point. Thanks for the tip.

]]> By: teknoid http://nuts-and-bolts-of-cakephp.com/2010/07/07/important-database-session-limitation/#comment-10288 teknoid Wed, 07 Jul 2010 22:20:45 +0000 http://teknoid.wordpress.com/?p=1022#comment-10288 @Mauro Zadunaisky No problem. Well, one benefit is that we already have proper fail-over and redundancy for our DB, and because we have multiple web servers we need a single point of storage. Prior to that we used memcache, but found it to be a little unreliable (I can't really get into much detail, since I don't know all the specifics). Again, we'd need to setup proper fail-over for memcache servers, which adds an extra level of maintenance and unnecessary complexity, at least for the time being. Another benefit to using the DB is that you can further extend the session handling to "remember" users' shopping carts, or preform additional analysis. (Since your data is in a relational DB, it makes extending base functionality a bit easier). Performance-wise we didn't see any difference one way or another. @Mauro Zadunaisky

No problem.

Well, one benefit is that we already have proper fail-over and redundancy for our DB, and because we have multiple web servers we need a single point of storage. Prior to that we used memcache, but found it to be a little unreliable (I can’t really get into much detail, since I don’t know all the specifics). Again, we’d need to setup proper fail-over for memcache servers, which adds an extra level of maintenance and unnecessary complexity, at least for the time being.

Another benefit to using the DB is that you can further extend the session handling to “remember” users’ shopping carts, or preform additional analysis. (Since your data is in a relational DB, it makes extending base functionality a bit easier).

Performance-wise we didn’t see any difference one way or another.

]]> By: Mauro Zadunaisky http://nuts-and-bolts-of-cakephp.com/2010/07/07/important-database-session-limitation/#comment-10287 Mauro Zadunaisky Wed, 07 Jul 2010 22:03:17 +0000 http://teknoid.wordpress.com/?p=1022#comment-10287 Great tip, thank you! Why are you using database for session storage? What's the benefif? security? perfomance? Great tip, thank you!

Why are you using database for session storage? What’s the benefif? security? perfomance?

]]>