PHP Doubts how to optimize Session

Asked

Viewed 111 times

3

Today I use the following code to start a PHP Session

 //verificação se o id de sessão ja existe, se não existir, cria
if (!session_id()){
   // iniciando a sessão
   session_start();   
   // buffer para evitar o erro ao acionar o headlocation
   ob_start();

}

As I am new in PHP, I would like to know... Do I need to make additional settings to avoid future access problems? that is, I want to prevent the site I developed from getting overloaded.

I also realized that the session is only finished when I close the browser, what is the expiring time of the php session and it is necessary to change this?

Tips?

I’m using version 5.6

  • The session is not something that has a great impact on the server’s performance, what messes with large-scale performance that if not taken care of gives problem is the use of the database and unbridled use without need and without any test table loops.

  • then I created classes and Pdo and foreach for the links (I open a single connection) to get the page information. By the tests I’ve done everything works normally, as would these table tests you spoke of?

  • See how to do table test at this link

  • 1

    This code itself has no problem, the problems may come is in handling the session, at the time of adding values and removing, the above code only starts the session and nothing else.

  • I understand, but what about the requisition part? every time someone visits the site, there will be a correct request? how do I know the stipulated limit?

1 answer

3


There’s not much you can do about it,

But try applying this little script that will save the last requisition, with waiting time, will prevent attacks Ddos

// vou assumir que ja tens a sessão iniciada...
$uri = md5($_SERVER['REQUEST_URI']);

$exp = 3; // 3 segundos
$hash = $uri .'|'. time();
if (!isset($_SESSION['user'])) {
    $_SESSION['user'] = $hash;
}

list($_uri, $_exp) = explode('|', $_SESSION['user']);
if ($_uri == $uri && time() - $_exp < $exp) {
    header('HTTP/1.1 503 Service Unavailable');
    die;
}

// guardar a ultima requisição
$_SESSION['user'] = $hash;
  • thanks for the tip! I put right after if from Session start! hugs!

  • only one detail, if I understand correctly this code will return "Service unavailable if the same user tries to access more than once in a short correct time?

  • yes, that’s right

  • I was left with a doubt, I have this code <meta HTTP-EQUIV='refresh' CONTENT='3.0;URL=product.php'> on some delete buttons, as the script runs too fast ends up returning the error 503 service Unavailabe, how to solve?

Browser other questions tagged

You are not signed in. Login or sign up in order to post.