0
Guys, I’m in doubt here.
Inside my control panel, I will need to get user id, email, password (only to change password) name, over name, etc... The ideal would be to save all this in a session at login time or whenever I need it, I refer it directly to the database?
Please do not consider this as a question that will have an opinion-based answer. I really need this push so I can continue my project!
Thanks.
2
There are problems of storing lots of data in sessions.
One of them is the server performance. Each session you create in php has its content serialized and when it is done the conversion it generates a cost. If you have multiple sessions to be desirialized you increase this cost. And then you add that up to a lot of users poking around on your page at the same time...
Another thing is security. There is an attack called Sesssion Hijacking trying to get the cookies created by the server. So if you simply don’t check or authenticate with the bank every user request on your site, your application is quite vulnerable.
Ideal is to create a session with an id hash and redeem the information in that user’s database.
Browser other questions tagged php database session
You are not signed in. Login or sign up in order to post.
Think about it: if you save in session and the user logs in to another computer, change the data and save, go back to the first computer, which has the original data in the session, change again and save. What should be the user’s data? What did it change on the first or second computer?
– Woss
Eita kkk. But, like this, I will create a system to dislodge the person if another session is started in a different place. Even so, the best is the consultation?
– Lucas de Carvalho
About being opinionated, it depends a lot on how you formulate the question. You can always ask for a comparison between two things, with pros and cons, and make your decision alone according to your context. To ask for an opinion is to hope that there is a "correct" answer. It doesn’t exist, you have to define what to use based on what you know, your goals and your specific context.
– bfavaretto