Is it okay to save lots of information in $_SESSION?

Question

I need to store many arrays in $_SESSION to prevent retrieving information from MySQL. Is it okay? How much is "too much" information in $_SESSION or there isn't any "too much"? Thanks.

P.S. Or it's better to use http://php.net/manual/en/book.memcache.php ?

Answer 1

The limit of data you can store inside a session is limited by the session storage layer. The default sessions store is the file-system and one session is stored into one file. The name of the session variable/array-key is stored as well as it's data in a serialized form. A pipe symbol separates variable names and values from each other.

If you're storing arrays with strings, then the file will be similar large than the length of the strings plus the length of the keys and a little overhead for meta data as well as the size of the variable names.

The size of a file is limited by the file-system. For example, in EXT3 this are 16 Gigabyte per file. So this is one "too much". You can not store more data into a session than the storage layer allows you to.

The next limit I can think of is the one of your memory. As PHP needs to load the data from the file into the memory and stores it from memory to the file at the end of the request. So if you've got a memory limit in PHP then this will actually limit as well the size of your session. For example, there is a standard memory limit of 16MB in PHP 5.2, but this may vary with your installation.

Using the whole memory for the session only does not make much sense by the way.

Next to these hard limits there might be performance limits which are related to the number of congurent requests, how fast your harddisk is etc.

As your question is pretty short I assume you didn't run into any concrete problems so far, so I think it would be out of scope. E.g. using memcached if you don't really need is would be only overhead. As well as discussing design decisions (never cache in sessions) which can not be answered in general at all.

The 100 or 200 Kilobyte per session (locate the session directory on your system and take an actual look how large the files are becomming) should not break your program. As suggested you should take care that old session files that aren't needed any longer get removed after a certain period of time automatically.

To learn more about your session configuration in PHP please see Session Runtime Configuration in the PHP Manual.