John Campbell wrote:
Can you elaborate on this? I use sessions very often and find them to be very
useful. After all, they are there to be used, so why not use them when appli
cable?
They do have applications, but most people find way too many applications.
1) Sessions often break a lot of things, typically bookmarks, the back
button, using mutiple windows, and they expire. These are especially
problems for beginners.
2) Sessions are not a good substitute for a performance cache, and
people tend to use them that way.
3) Sessions make for very hard to find bugs.
Thank you for those pointers. I use $_SESSION in my current project to store
such things as the language of the currently logged in user, the user's access
level, and the base portion of the URL to redirect the browser to pages on my
server. The first two could be obtained from a table in the database, but I
figured retrieving this information once and carrying it along with the
$_SESSION saves hitting the database several time to retrieve the exat same
piece of information. The last piece saves running the same code over and over
again to get the same result. So far I haven't found any problems with doing this.
In one section of my application I do store more in $_SESSION, an array and a
pointer. The array includes unique IDs of records in the database and the
pointer contains the current array key of the element I want to look at. That
way I was able to build a simple navigation tool that allows for calling up
records in the sequence specified by a search. Yes, I could do that by
crafting the navigation as forms and pass along the info via $_POST, but for
that I'd need to handle both the array (and serialize that) and the pointer,
whereas using the session I only need to write the new pointer to the session,
which is way less code and way less stuff that shows up in the XHTML. I admit
I haven't tested it with multiple windows and the browser controls, but even
if there are problems the worst that may happen is that the individual windows
rewrite the pointer in the session and then the navigation would show on a
Next click really something that is 3 Previous clicks before. In my case I
deal with pictures and video files, so that there is no horrible damage,
althought I admit that the app then no longer works as designed. And thinking
about, sending everything via $_POST will for sure prevent that. I do have
code in place that makes sure that the next or previous item indeed exists and
that the pointer does not get set to keys that do not exist in the array.
I found it not to be difficult to find bugs that were related to $_SESSION. In
my IDE it gets displayed the same way as the $_POST variable. I also do not
use objects that I'd need to pass along. My app uses an object in one place to
deal with ZIP files, but that's about it. I see the benefit of objects, but so
far found easy enough ways to do without them. That may change when I get the
crazy idea to work on more complex stuff.
I will go back and look at my code and see where I stuff more into $_SESSION
and if I could do without it. In case of bookmarking, that is a side effect
that can be to one's advantage. I know for sure that if someone bookmarks the
pages in my app the bookmark will not work, but code is in place that captures
especially the missing user level and gracefully redirects one to the login
page. That is a behavior that I want.
Is there anything drastically flawed with my approach?
David
_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com
Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php
