Is there a maximum number of PHP sessions?

Question

Simple question: Is there a limit to the number of concurrent PHP sessions? If a site were to have 1000+ people logged in at the same time, would sessions still be the accepted way to store the variables, or would a different method be used?

I presume it would be determined by the server rather than the PHP itself(?), so not only the number of sessions but also the size of each session would make a difference, but im not sure!

Answer 1

Off the top of my head, there should be several limits:

• The random id generated for each session is of a fixed length, ergo there are only a limited number of random ids available. (I don't know whether PHP will increase the length of the id if it exhausts the number of available ones, I don't think so.) But, that number is ridiculously large, and will likely by far exceed the
• number of files which can be stored in a single directory, which is limited by the filesystem. Since all sessions are stored as files by default in a single directory, you'll reach this eventually.
• The size of the disk on which the session data is stored.

I don't think there are any other hard limits on the number of sessions. However, all these factors are much larger than 1000. 1000+ sessions can still be perfectly handled by standard PHP file based sessions. If you notice that is getting a problem, you can exchange the session backend easily. There are pluggable session handlers for memcached or other memory or database based storage systems. You can easily write your own sessions handlers to do whatever you want in any scalable form you need. You can still keep using the standard PHP session functions in your code.