Derick,
If you're seriously looking at thousands of concurent users
(let alone
millions) and the kind of budget on hardware and comms that
implies,
then I'd suggest you seriously look at your own session
solution with MySQL or
whatever.
You can perfectly easily just use your own authentication
against
your MysQL user base and pick up all their "session" data
from
the same table or related tables if there is a lot of it.
The basic logic for each page runs :
Is $PHP_AUTH_USER set? If not send out an authenticate
header.
If $PHP_AUTH_USER is set pick out the user entry and
password from your MySQL
database and check the password, if it fails send back the
authenticate header. Pick up all your session data while
you're
checking the password, so from one database query you've got
everything sorted out.
Do whatever processing you need and just before sending back
the
next bunch of html, update the user's record storing back
all the
session information.
That's session management for you. The only advantage of
standard
session management tools like php's session management is
that you
can change what you store without making any database
changes. But
your volume of traffic you shouldn't expect to make any
quick and easy
changes to the logic of whatever you're doing.
It's not really a lot of work to do this and you do get
extra benefits
in terms of flexibility over what session data is stored
for how long
and in what format. Basically you don't have a problem as
long as the user's
don't have a lot of session data. If they do have a lot of
session data,
you've got a major storage/retrieval problem regardless of
your session
tool and you probably need to chuck a highly-tuned
customised database
structure at it anyway!!
Hope that helps,
George
> Moax Tech List wrote:
>
> I am setting up a website with a need to use some sort of
> session management for a large amount of users. I cannot
> use typical file based session managment because at any
> given time there could be up to a million users logged in
> at once. (It is a LAMP linux/apache/php4/mysql system). I
> am a bit confused though as how to go about this. The user
> will be authenticated by verifying a username/password
> combo in a database, and then a session created.
> My question is this:
> After authentication, which type of session managment
> should I use? I mean, just do the standard php stuff with
> the session_ functions? (wo'nt this be bad with the # of
> simoltaneous users i need to support, because of the # of
> files on the server?) Or, shall I use something more
> complex like PHPLIB or create my own scheme using mysql?
> Is there any exisiting code/functions that can make
> creating my own scheme easier in order to support mysql or
> am i way off with this question? I just need a bit of
> direction here and any help is appreciated. Thanks!
>
> -Derick
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
