The background:
I am in the starting grounds of a new project built on PHP 5.3. I've just started to look into ways of handling sessions in a way that initially lets me save the sessions to the database. I will separate all session management into a separate library to make it easy to transparently migrate to memcached, a separate session database server, or whatever is the best solution by then.
I am kind of confused about what would be a good approach though - there's a lot of different ideas online on how to handle sessions varying dependent on the PHP version and the more I read, the more confused I get.
The question:
Here are the options that I believe are the most appropriate. Which one should I use and why? Are there other alternatives that should be considered?
Option 1:
Using session_set_save_handler and creating custom functions for each session event to utilize the native (built-in) session handling of PHP to the fullest, but still save the sessions to database. Session would be written like $_SESSION['identifier'] = 'value';.
Option 2:
Building a complete session class which would have nothing to do with PHP's sessions and just act as any database model talking to the sessions table in my database. Session would be written like $this->sessions->write('identifier', 'value');.
The $_SESSION superglobal is actually a pretty good feature in PHP.
Depending on what your software solution is going to end up to be, third-party users would be more accustomed to writing to and reading from this superglobal with your custom session handlers doing the magic in the background.
There are also good security enhancements available through Suhosin which you need not "worry about" when developing a session storage for yourself.
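
A sketch of Option 1 on PHP 5.3, added here as an example and not part of the original question or answer. The class name, the sessions table columns and the in-memory SQLite DSN are assumptions; a real deployment would point PDO at a persistent database. The session id arrives from a client cookie, so every query binds it as a parameter.

```php
<?php
class DbSessionHandler // hypothetical class name; table layout is assumed
{
    private $pdo;
    public function __construct(PDO $pdo)
    {
        $this->pdo = $pdo;
        $this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $this->pdo->exec('CREATE TABLE IF NOT EXISTS sessions (
            id VARCHAR(128) PRIMARY KEY, data TEXT NOT NULL, updated_at INTEGER NOT NULL)');
    }
    public function open($savePath, $name) { return true; }
    public function close() { return true; }
    public function read($id)
    {
        $st = $this->pdo->prepare('SELECT data FROM sessions WHERE id = ?');
        $st->execute(array($id));
        $data = $st->fetchColumn();
        return $data === false ? '' : $data; // PHP expects a string, never false
    }
    public function write($id, $data)
    {
        // REPLACE INTO is accepted by both SQLite and MySQL
        $st = $this->pdo->prepare('REPLACE INTO sessions (id, data, updated_at) VALUES (?, ?, ?)');
        return $st->execute(array($id, $data, time()));
    }
    public function destroy($id)
    {
        $st = $this->pdo->prepare('DELETE FROM sessions WHERE id = ?');
        return $st->execute(array($id));
    }
    public function gc($maxLifetime)
    {
        // Drop rows not written within session.gc_maxlifetime seconds
        $st = $this->pdo->prepare('DELETE FROM sessions WHERE updated_at < ?');
        return $st->execute(array(time() - $maxLifetime));
    }
}

$handler = new DbSessionHandler(new PDO('sqlite::memory:')); // constructed DSN for the demo
session_set_save_handler(
    array($handler, 'open'), array($handler, 'close'), array($handler, 'read'),
    array($handler, 'write'), array($handler, 'destroy'), array($handler, 'gc')
);
register_shutdown_function('session_write_close'); // write before the handler object is destroyed
session_start();
$_SESSION['identifier'] = 'value'; // application code stays unchanged
```

Moving to memcached or a separate session server later means replacing only this class; code that reads and writes $_SESSION is untouched.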