Home >Backend Development >PHP Tutorial >A brief analysis of the concurrency problems that Session in PHP may cause, a brief analysis of session_PHP tutorial
When developing web applications, people often use Session to store data. But some people may not know that in PHP, improper use of Session may cause concurrency problems. Kishan Gor, a senior engineer at Plus91 Technologies, a software solutions provider for the Indian medical industry, explained this issue on his personal blog.
If the same client sends multiple requests concurrently, and each request uses Session, the existence of the PHP Session lock will cause the server to respond to these requests serially instead of in parallel. This is because by default, PHP uses files to store session data. For each new Session, PHP will create a file and continue to write data to it. Therefore, every time the session_start() method is called, the Session file will be opened and the exclusive lock of the file will be obtained. In this way, if the server script is processing a request, and the client sends a request that also requires the use of Session, the latter request will be blocked until the previous request is processed and the exclusive lock on the file is released. However, this is only limited to multiple requests from the same client, that is, requests from one client will not block requests from another client.
This is usually no problem if the script is short. But if the script takes a long time to run, it may cause problems. In modern web application development, a very common situation is to use AJAX technology to send multiple requests to obtain data within the same page. If these requests all require the use of Session, then the Session lock will be acquired after the first request reaches the server, and other requests must wait. All requests will be processed serially, even if they have no dependencies on each other. This will significantly increase the page's response time.
There is a way to avoid this problem, which is to call the session_write_close() method to close the Session immediately after using it. In this way, the Session lock will be released, even if the current script is still waiting for processing. It should be noted that after calling this method, the current script cannot further operate the Session.
It should be noted that the issues and opinions stated in this article only apply to the PHP default Session management mode using the session_start() method. For example, some users pointed out that if the application is hosted on AWS EC2 and DynamoDB is configured correctly, the Session lock problem will not occur.
Attached is an example code:
Session.php
<?php final class SessionController extends YafController_Abstract { public function setUserFileAction() { session_start(); $_SESSION['user_name'] = 'xudianyang'; $_SESSION['user_id'] = '123'; sleep(3); echo json_encode($_SESSION); return false; } public function setLoginFileAction() { session_start(); $_SESSION['last_time'] = time(); echo json_encode($_SESSION); return false; } public function indexFileAction() { // Auto Rend View } public function getSessionFileAction() { session_start(); var_dump($_SESSION); return false; } public function setUserRedisAction() { $session = CoreFactory::session(); $session->set('user_name', 'xudianyang'); $session->set('user_id', '123'); sleep(3); echo json_encode($_SESSION); return false; } public function setLoginRedisAction() { $session = CoreFactory::session(); $session->set('last_time', time()); echo json_encode($_SESSION); return false; } public function indexRedisAction() { // Auto Rend View } public function getSessionRedisAction() { $session = CoreFactory::session(); var_dump($_SESSION); return false; } } indexfile.phtml <!DOCTYPE html> <html> <head> <title>测试session并发锁问题</title> <meta charset="utf-8"> <script type="text/javascript" src="/assets/js/jquery-1.10.2.min.js"></script> <script type="text/javascript"> $.ajax({ url: "/session/setUserFile", type: "get", dataType: "json", success: function(response){ console.info(response.last_time); } }); setTimeout(function(){ $.ajax({ url: "/session/setLoginFile", type: "get", dataType: "json", success: function(response){ console.info(response.last_time); } }); }, 300); </script> </head> <body> 同时发起2两个ajax请求 </body> </html> indexredis.phtml <!DOCTYPE html> <html> <head> <title>测试session并发锁问题</title> <meta charset="utf-8"> <script type="text/javascript" src="/assets/js/jquery-1.10.2.min.js"></script> <script type="text/javascript"> $.ajax({ url: "/session/setUserRedis", type: "get", dataType: "json", success: function(response){ console.info(response.last_time); } }); setTimeout(function(){ $.ajax({ url: "/session/setLoginRedis", type: "get", dataType: "json", success: function(response){ console.info(response.last_time); } }); }, 300); </script> </head> <body> 同时发起2两个ajax请求 </body> </html>
The above is the entire content of this article, I hope you all like it.