What are the benifets from keeping your users session info in the DB? Big boards like vB here do this. Does anyone have any articles or tutorials related to this?

TIA :cool:

What are you planning to do?

My site uses session handles too for two reasons:

1)
to keep the visitor logged in while surfing through the pages


2)
and not to have to put the username / password in the URL to make point 1 possible (which is pretty unsecure!)

Well, there is another point:
You can code your scripts so that the session timesout after an ammount of time, so someone "stealing" the session ID doesn't have fun with it too long.
You can also do an IP check, so the active session can only be used from the IP it was activated / logged in.

I know what sessions are used for, just why people store them in the database.

Hmm... IMO it's easier to handle them in a database instead of in the filesystem by making files for the session handles.

vB uses its own session handling functions, so you can't compare it to PHP's functions.

The benefit of storing them in the db is that especially on shared servers, other people can't access the session files.

Thanks guys, though I'm still a little cloudy.

When I look at the session table in the db, I only see certain fields, what about all the other stuff vB stores? Doesn't it store other info, username, password or something?