Home >Backend Development >PHP Tutorial >Regarding the problem of too many Session files in PHP and the storage location of session files, _PHP Tutorial
PHP’s default mechanism: for every php request, there will be a 1/100 probability (default value ) triggers "session recycling". If "session recycling" occurs, the /tmp/sess_* files will be checked. If the last modification time exceeds 1440 seconds (the value of gc_maxlifetime), they will be deleted, which means that these sessions have expired
1. What is a session file
The file is generally /tmp/sessions/sess_4b1e384ad74619bd212e236e52a5a174If
username|s:9:"test";admin|s:1:"0";
2. When does session recycling occur?
By default, for every php request, there will be a 1/100 probability of recycling, so it may be simply understood as "one recycling occurs for every 100 php requests." This probability is controlled by the following parameters
#概率是gc_probability/gc_divisor session.gc_probability = 1 session.gc_divisor = 100
Assume that in this case gc_maxlifetime=120, if a session file was last modified 120 seconds ago, then the session will still be valid before the next recycling (1/100 probability) occurs.
If your session uses session.save_path to save the session elsewhere, the session recycling mechanism may not automatically process expired session files. At this time, you need to delete expired sessions manually (or crontab) regularly
3. Set the session storage directory
If using php5-fpm, modify /etc/php5/fpm/php.ini and modify or add the following line:
session.save_path = 3;600:/tmp/sessions
4. Session clearing script
#!/bin/sh find /tmp/php-session -cmin +24 -name "sess_*" -and -size 0 -delete > /dev/null 2>&1 find /tmp/php-session -cmin +1440 -name "sess_*" -delete > /dev/null 2>&1
We can get the time here through session.gc_maxlifetime and put it in the scheduled task (crontab)
Other ways
Use memcache, etc., (session.save_handler = memcache)
Use cookies, but the cookies must be encrypted
5. Use tmfs to store session
1. Mount /tmp as tmpfs file system
Modify /etc/fstab and add the following content to the last line: /tmp/sessions tmpfs defaults,size=5120m 0 0
mount -a
2. Create session storage folder
php will not automatically create these folders, but some scripts for creating folders are provided in the source file. The script below is also easy to use. The content of the script is as follows
#!/bin/sh dir="0 1 2 3 4 5 6 7 8 9 a b c d e f" for levela in $dir; do for levelb in $dir; do for levelc in $dir; do mkdir -p /tmp/sessions/$levela/$levelb/$levelc; done done; done chown -R root:webgrp /tmp/sessions && chmod -R 1777 /tmp/sessions
Because /tmp/sessions is used for memory, all files in it will be lost after the server is restarted. Therefore, the above script needs to be added to /etc/rc.local and placed before starting php
3. Store sessions in different directories
php itself supports multi-level hashing of sessions. In php.ini, change ;session.save_path = /tmp to
session.save_path = "3;/tmp/sessions
4. Session recycling
Just use the script above
Let me tell you where the php session data is saved?
On the server side of course, but instead of saving in memory, it is saved in a file or database.
By default, the SESSION saving method set in php.ini is files (session.save_handler = files), that is, SESSION data is saved by reading and writing files, and the directory where SESSION files are saved is specified by session.save_path, and the file The name is prefixed with sess_, followed by SESSION ID, such as: sess_c72665af28a8b14c0fe11afe3b59b51b. The data in the file is the SESSION data after serialization.
If the traffic is large, more SESSION files may be generated. In this case, you can set up a hierarchical directory to save SESSION files, which will improve the efficiency a lot. The setting method is: session.save_path="N;/save_path", N is the hierarchical level, save_path is the starting directory.
When writing SESSION data, PHP will obtain the client's SESSION_ID, and then use this SESSION ID to find the corresponding SESSION file in the specified SESSION file storage directory. If it does not exist, create it, and finally serialize the data. Write to file. Reading SESSION data is a similar operation process. The read data needs to be deserialized and the corresponding SESSION variable is generated.