Are there limits for session variables?

As the title says, are there limits (if any) for session variables or they're considered as usual variables and can store equal amount of data?

I'm looking if there are any other limits aside from variable type ones like max length, max values and so on.

P.S. If the question is unclear, please let me know.

Thanks in advance!


Solution 1:

As @Thariama said, there's no limit on the number of variables; also, there's no limit on the amount of data you can store in a session (I've seen sessions tens of MB in size).

As the size of a session gets larger, you'll run into various quirks though: PHP 5 deserializes the whole session into memory at session_start() (using the default session handler - you can make you own solution, of course); with a 20 MB session and 50 concurrent users, your scripts start to be severely limited by disk access speeds (a.k.a. "script startup is slow as molasses" - the sessions alone would be hogging a GB of RAM); in the end, we dedicated a box to keep as many sessions as possible in its RAM, and the frontend boxes accessed them over NFS (although it helped in our case, this may be overkill for you).

Note that for many concurrent users and session storage on disk, the number of session temporary files may cause problems with filesystem limits (e.g. how many files can be in one directory before you run into problems with stat() performance), or other limits (we once found the hard way that a box was configured to only allow 4096 open files at the same time). None of this is really session-specific, but can be triggered by session handling.

Solution 2:

No, there is no limit on much space a session may have (or how many variables a session may possess). The only limit is the specs on your computer, this is defined by your available memory_limit in your php.ini . Be aware that this space will be shared among all sessions for all users.

Solution 3:

It is completely specific to your web-server. For Apache, look here:

http://httpd.apache.org/docs/trunk/mod/mod_session.html

It even allows sessions to be stored in database by using mod_session_dbd. Therefore physical limits like 1 file per session can be overcome. Moreover, Apache can be configured to keep track of per user sessions stored on a particular server or group of servers for scalability.

Solution 4:

The simple answer is no. (That is, they have no more restrictions than any other PHP variable has... must fit into memory, etc.)

However, keep in mind that $_SESSION data is stored somewhere, by default as serialized data in one file per session. So there are practical limitations. You wouldn't want to store a huge blob of information in them because they would be loaded/saved from the data store on every page that uses session_start().