I'm making a php web application which stores user specific information that is not shared with other users.
我正在制作一个php web应用程序,用于存储未与其他用户共享的用户特定信息。
Would it be a good idea to store some of this information in the $_SESSION variable for caching? For example: cache a list of categories the user has created for their account.
将一些此类信息存储在$ _SESSION变量中进行缓存是不是一个好主意?例如:缓存用户为其帐户创建的类别列表。
3 个解决方案
#1
11
This would be an appropriate use of the session mechanism as long as you keep this in mind:
只要您记住这一点,这将是对会话机制的适当使用:
- Session does not persist for an indefinite amount of time.
- When pulling from session, ensure you actually got a result (ASP.NET will return NULL if the Session has expired/cleared)
- Server restarts may wipe the session cache.
- Do this for convenience, not performance. For high-performance caching, choose an appropriate mechanism (i.e. memcached)
会话不会无限期地持续存在。
从会话中提取时,确保实际获得结果(如果会话已过期/清除,ASP.NET将返回NULL)
服务器重新启动可能会擦除会话缓存。
这样做是为了方便,而不是表现。对于高性能缓存,请选择适当的机制(即memcached)
A good usage pattern would be like this (ether cookies or session):
一个好的使用模式就是这样(以太cookie或会话):
- User logs in
- Store preferences (background color, last 10 records looked at, categories) in session/cookie.
- On rendering of a page, refer to the Session/Cookie values (ensuring they are valid values and not null).
用户登录
在会话/ cookie中存储首选项(背景颜色,最后10条记录,类别)。
在呈现页面时,请参阅Session / Cookie值(确保它们是有效值而不是null)。
Things not to do in a cookie
不在cookie中的事情
- Don't store anything sensitive (use session).
- A cookie value should not grant/deny you access to anything (use session).
- Trap errors, assume flags and strings may not be what you expect, may be missing, may be changed in transit.
不要存储任何敏感的东西(使用会话)。
Cookie值不应授予/拒绝您访问任何内容(使用会话)。
陷阱错误,假设标志和字符串可能不是您所期望的,可能会丢失,可能会在传输过程中更改。
I'm sure there is other things to consider too, but this is just off the top of my head here.
我确定还有其他事情要考虑,但这只是我的头脑。
#2
4
That could work well for relatively small amounts of data but you'll have to take some things into consideration:
这可能适用于相对少量的数据,但您必须考虑以下事项:
- $_SESSION is stored somewhere between requests, file on disk or database or something else depending on what you choose to use (default to file)
- $_SESSION is local to a single user on a single machine.
- sessions have a TTL (time to live), they dissapear after a set amount of time (which you control)
- Under certain circumstances, sessions can block (rarely an issue, but i've run into it streaming flash) If the data you mean to cache is to be accessed by multiple users you're quickly better off caching it seperately.
$ _SESSION存储在请求,磁盘或数据库上的文件或其他内容之间,具体取决于您选择使用的内容(默认为文件)
$ _SESSION对于单个计算机上的单个用户是本地的。
会话有一个TTL(生存时间),他们在一段时间后消失(你控制)
在某些情况下,会话可以阻止(很少出现问题,但我遇到了流式闪存)如果您要缓存的数据要由多个用户访问,那么您最好单独缓存它。
#3
2
If you only want this data available during their session, then yes. If you want it available tomorrow, or 4 hours from now, you need to save it to a database.
如果您只希望在会话期间提供此数据,那么是。如果您希望明天或4小时后可以使用它,则需要将其保存到数据库中。
Technically you can modify the sessions to have a very long lifespan, but realize if they use a different computer, a different browser or flush their cookies they will loose the link to their session, therefore anything serious you should create a type of user account in your application, link the session to their account and save the data in a permeate place.
从技术上讲,你可以修改会话以保持很长的使用寿命,但是要意识到如果他们使用不同的计算机,不同的浏览器或刷新他们的cookie,他们将失去他们的会话的链接,因此任何严重的你应该创建一种类型的用户帐户您的应用程序,将会话链接到他们的帐户并将数据保存在渗透的地方。
#1
11
This would be an appropriate use of the session mechanism as long as you keep this in mind:
只要您记住这一点,这将是对会话机制的适当使用:
- Session does not persist for an indefinite amount of time.
- When pulling from session, ensure you actually got a result (ASP.NET will return NULL if the Session has expired/cleared)
- Server restarts may wipe the session cache.
- Do this for convenience, not performance. For high-performance caching, choose an appropriate mechanism (i.e. memcached)
会话不会无限期地持续存在。
从会话中提取时,确保实际获得结果(如果会话已过期/清除,ASP.NET将返回NULL)
服务器重新启动可能会擦除会话缓存。
这样做是为了方便,而不是表现。对于高性能缓存,请选择适当的机制(即memcached)
A good usage pattern would be like this (ether cookies or session):
一个好的使用模式就是这样(以太cookie或会话):
- User logs in
- Store preferences (background color, last 10 records looked at, categories) in session/cookie.
- On rendering of a page, refer to the Session/Cookie values (ensuring they are valid values and not null).
用户登录
在会话/ cookie中存储首选项(背景颜色,最后10条记录,类别)。
在呈现页面时,请参阅Session / Cookie值(确保它们是有效值而不是null)。
Things not to do in a cookie
不在cookie中的事情
- Don't store anything sensitive (use session).
- A cookie value should not grant/deny you access to anything (use session).
- Trap errors, assume flags and strings may not be what you expect, may be missing, may be changed in transit.
不要存储任何敏感的东西(使用会话)。
Cookie值不应授予/拒绝您访问任何内容(使用会话)。
陷阱错误,假设标志和字符串可能不是您所期望的,可能会丢失,可能会在传输过程中更改。
I'm sure there is other things to consider too, but this is just off the top of my head here.
我确定还有其他事情要考虑,但这只是我的头脑。
#2
4
That could work well for relatively small amounts of data but you'll have to take some things into consideration:
这可能适用于相对少量的数据,但您必须考虑以下事项:
- $_SESSION is stored somewhere between requests, file on disk or database or something else depending on what you choose to use (default to file)
- $_SESSION is local to a single user on a single machine.
- sessions have a TTL (time to live), they dissapear after a set amount of time (which you control)
- Under certain circumstances, sessions can block (rarely an issue, but i've run into it streaming flash) If the data you mean to cache is to be accessed by multiple users you're quickly better off caching it seperately.
$ _SESSION存储在请求,磁盘或数据库上的文件或其他内容之间,具体取决于您选择使用的内容(默认为文件)
$ _SESSION对于单个计算机上的单个用户是本地的。
会话有一个TTL(生存时间),他们在一段时间后消失(你控制)
在某些情况下,会话可以阻止(很少出现问题,但我遇到了流式闪存)如果您要缓存的数据要由多个用户访问,那么您最好单独缓存它。
#3
2
If you only want this data available during their session, then yes. If you want it available tomorrow, or 4 hours from now, you need to save it to a database.
如果您只希望在会话期间提供此数据,那么是。如果您希望明天或4小时后可以使用它,则需要将其保存到数据库中。
Technically you can modify the sessions to have a very long lifespan, but realize if they use a different computer, a different browser or flush their cookies they will loose the link to their session, therefore anything serious you should create a type of user account in your application, link the session to their account and save the data in a permeate place.
从技术上讲,你可以修改会话以保持很长的使用寿命,但是要意识到如果他们使用不同的计算机,不同的浏览器或刷新他们的cookie,他们将失去他们的会话的链接,因此任何严重的你应该创建一种类型的用户帐户您的应用程序,将会话链接到他们的帐户并将数据保存在渗透的地方。