$_SESSION variable overload?

[cnoevil]

Greetings Fellow Phpers,

 

I'm new to this board although I registered a little while back and I'm a new comer to php as well.  I've been studying programming (java) for a little while so I do have something of a grasp on programming concepts, but circumstances have encouraged me to take the opportunity to learn php.  Presently, I'm pulling through a rather large web accessible accounting application written in php as a foundation for learning web application design in php. 

 

I've noticed a rather sizable amount of variables being passed around in the $_SESSION( ) global array and I was wondering if this was common practice.  I mean, there may be as many as 30 different keys being accessed here.... as in : if is_set $_SESSION("kitchen_sink"),  do whatever. ???

 

I'm just wondering if the example I'm using to base my education on is teaching me bad habits and that there is another best practice indicated here, or if this is typical and acceptable within mid to large php applications.

 

Thanks,

Mark

[gregor171]

Overhead. But I wouldn't touch it.

$_SESSION could be good to decrease your database access, it is secure enough, a good way to store user specific data, by default - kept on disc..

 

It's a bad practice to store common data in a user's session...

 

For each case I'd ask my self:

- what do I gain/lose for this case

- security risks

- alternative?