To $_SESSION or not to $_SESSION?

[athmpsn]

I am designing a backend to a website where user profiles play a major role. Rather than have hundreds of users on at once making queries to the database everytime they view their or another member's profile, I thought of storing all of the information in $_SESSION variables when they first log in. These variables could then be updated and refreshed should they edit any of their profile information.

Are there any downsides to doing it this way? This is my first time creating a backend that has to take heavy traffic into account so I am fairly concerned about reducing the strain. Are there any other possible methods, tips or tricks I could use when it comes to this?

Thank you in advance for any help or suggestions you can offer!

Alex T

[GingerRobot]

So you want to store everyone's profile in each person's session? Bad idea  - it will be difficult(impossible?) to update member Xs session after member Y changes thier profile.

This is exactly what a database is good for, so thats what you should use.

[athmpsn]

Sorry for being unclear--the $_SESSIONs would only be used for when they are viewing their own profile. Other member's information would be pulled from the database :D

[GingerRobot]

I would still use a database - this is the thing they are good for.

[athmpsn]

OK I'll plan on doing that then. If anyone has any ideas or suggestions on how to help reduce the strain from heavy traffic, I would love to hear it.

Thanks for the help  :)

[Joe Haley]

The best advice for reducing strain on a database is: Write intelligent SQL, and minimize the number of querys you perform. eg: don't update the users table every time you change a value for a user. Update all a users values at the end of a script, with 1 query.

Don't nest select statements in loops. (if you must, write the query string with a loop, then perform a single query)

Pretty much the really simple obvius stuff =)

[PC Nerd]

if your expecing lots of changes to a users profile, then definately use the database, but if your not expecting much, use cookies, then the strain is on their computer.  you could simply update the script when a user logs out (tell them that any changes will not be saved unless they logout properly (not just close the browser))

[ShogunWarrior]

You could use caching so on every profile you check the last update but only if it is updated you request from database, otherwise you should grab the cached file.

[athmpsn]

Thanks for the help guys. Even the simple tips can help remind you to go about your coding the right way  ;)

I'm hesitant to go the cookies route as a fair number of people don't use/resent them, but what I am really curious about is the caching method. How would this work and how could I go about implementing it? While I'm familiar with what caching is, I have never tried to do it with PHP before and don't really know where to begin with it.

[True`Logic]

ew, sessions for the loss... best way (easier than sql databases) is simple ini's... i even use ini's (encrypted) for my logins with autologin depending on IP (unless the user disables this feature, then they are logged in depending on IP for a certain interval of time, or untill they click Log Out)

[ShogunWarrior]

Well, say for instance you create a directory called [b]cache[/b], then you might do something like this:
The browser has requested: [b]profile.php?user=124[/b]
[code]
<?php
//.... Get your variables etc. $_GET...
$user = $_GET['user'];
//The query to check if cache should be updated
$sql = "SELECT last_cached,last_updated FROM users WHERE user_id=$user";
$res = mysql_query($sql);
$row = mysql_fetch_assoc();
if($row['last_cached']<$row['last_updated'])//Cache is older than data
{
  $sql = "";//Get personal information
  $res = mysql_query($sql);
  /*
   Now do all the stuff you normally do for the profile page.
    */
   $f = fopen('cache/user_profile_'.$user.'.txt','w');//Write to cache/user_profile_124.txt
   $res = fwrite($f,$YourCacheInformation);
   fclose($f);
  //Now echo out the content
  echo($YourCacheInformation);
}
else
{
   //Check that the file exists before this!!!
   $cache = file_get_contents('cache/user_profile_'.$user.'.txt');
   echo($cache);
}[/code]
This is pseudo code but shows how I think you could do it.

[athmpsn]

Thanks for the great help in clearing that up for me Shogun. I'll play around with it to see how well I can get it to work with my system.

Thanks again to everyone else for the helpful tips and suggestions.