0

The question is : Is retrieving data from POST/GET parameters faster than using SESSION?

Details: 1. When a user submit a form (not Ajax) from view, currently, it is directed to a script that acts as a controller. In this script, it will call session_start() at the beginning, and it will retrieve one parameter, "userid" for later use, then redirect the user to a different page using header("Location: "). The session handler is set to "files" (default). I am thinking to replace this with passing the "userid" as a POST parameter instead. Is this going to improve performance?

P.S the webapp is hitting an issue which the session data is "lost" during high traffic (~ 1000 concurrent users), however this lost is intermittent and occurred in most of the users. I am trying to optimize it within a given set of server specs.

Thanks

Ken Liao
  • 81
  • 2
  • 7

1 Answers1

0

SESSION means that files are located on server. POST/GET means that data comes from user directly through networking.

The main problem will be if you send "userid" using POST/GET is a security problem. That means, that anyone can send any "userid", and send a form from any user of your system.

Droid
  • 569
  • 4
  • 12
  • Yes, i do realize the security problem, thanks! But which one is more "reliable" under high traffic? – Ken Liao May 06 '15 at 04:25
  • If you are asking about network traffic, so it will be more data sending to server using POST/GET userid. And SESSION will use only harddisk – Droid May 06 '15 at 04:27
  • Can you tell what a "controller script" looks like? Is it written only for one job or there a lot of code with initialization etc. ? – Droid May 06 '15 at 04:31
  • the controller script takes that userid and query the database and then insert a record.Finally redirect the user to a different view script. It is basically written for one job. – Ken Liao May 06 '15 at 04:53
  • I see... So try it, watch the difference. Maybe the encrypting can solve the security problem with POST/GET userid? – Droid May 06 '15 at 05:02