Editing session in infinite loop?

[raestlyn]

Is it possible to modify session outside of infinite loop in PHP? i have been trying to find information about with but I haven't founded anything.

[Bryan]

A session is just a flat file that PHP treats specially.  You could attach a different `session` file to your players/user accounts and modify that as you desire. 

[JGadrow]

Strictly speaking, the sessions that Bryan describes above are only the default implementation. You're able to supply your own session handling mechanisms and many people alter them to store the data in the database instead of in flat files. This is for a few reasons:

First, it removes the necessity of opening another resource (come on, you're already opening a database connection in most cases anyways, right?).

Second, it keeps all the data together in a nice, neat way.

Third, it's much easier to make transformations / informed reads against that data from within a database.

[-fedexer-]

So i guess you would always recommend saving sessions to a MySQL db as opposed to the flatfile original version?

[JGadrow]

Not always. In the world of programming, always is a very dangerous word.

However, it is my opinion that database sessions provide many benefits over the standard flat-file storage method in most cases.

[-fedexer-]

Aye fair enough always is a bad word to use generally then 

Are these db sessions easy to implement? Resources i have seen on it seem to involve creating new classes to overwrite the existing pho session saving?

[JGadrow]

It's easy enough. You either write a class with methods for the various session operations or you write a variety of functions for the same purpose. Then, you use the php session handler functions to say which method (or function) handles which type of session operation.

Oh, and I almost forgot one of the key benefits of defining your own session handler... security! lol Instead of making sure each and every one of your applications are conforming to relevant security standards, you define your own handler to correct some of php's known session vulnerabilities (such as session fixation) and then you can use it knowing you've already taken the proper security precautions.

[Marek]

To add to what Jim said, the function used for replacing the session handler is session_set_save_handler. You need to supply functions for the following tasks: open, close, write, read, destroy and garbage collect.