The PHP Online Conference 2021

Поддержка сессий

Memcached предоставляет собственный обработчик сессий, который можно использовать для хранения сессионных переменных в memcache. Для этого используется полностью отдельный экземпляр memcached, поэтому при необходимости вы можете использовать другой пул серверов. Ключи сессии хранятся с префиксом memc.sess.key., так что имейте это в виду, если будете использовать для сессий и обычного кеширования один и тот же пул серверов.

session.save_handler string

Установите для memcached для поддержки обработки сессий.

session.save_path string

Задает разделенный запятыми список записей hostname:port для определения пула серверов обрабатывающих сессии. К примеру "sess1:11211, sess2:11211".

add a note add a note

User Contributed Notes 12 notes

up
71
nfoo at naver dot com
10 years ago
If you want to use 'memcacheD' extention not 'memcache' (there are two diffrent extentions) for session control,  you should pay attention to modify php.ini

Most web resource from google is based on memcache because It's earlier version than memcacheD. They will say as following

session.save_handler = memcache
session.save_path = "tcp://localhost:11211"

But it's not valid when it comes to memcacheD

you should modify php.ini like that

session.save_handler = memcached
session.save_path = "localhost:11211"

Look, there is no protocol indentifier
up
12
Ian Maddox
6 years ago
If you are setting data to the session and it immediately disappears and you aren't getting any warnings in your PHP error log, it's probably because your sessions expired sometime in the 1970s.

Somewhere between memcached 1.0.2 and 2.1.0, the memcached session handler became sensitive to the 30-day TTL gotcha (aka "transparent failover").  If your session.gc_maxlifetime is greater than 2592000 (30 days), the value is treated as a unix timestamp instead of a relative seconds count.

This issue is likely to impact anyone with long-running sessions who is upgrading from Ubuntu 12.04 to 14.04.
up
16
richard at fussenegger dot info
7 years ago
The documentation is not complete, you can also pass the weight of each server and you can use sockets if you want. In your PHP ini:

<?php

// Sockets with weight in the format socket_path:port:weight
session.save_path = "/path/to/socket:0:42"

// Or more than one so that weight makes sense?
session.save_path = "/path/to/socket_x:0:42,/path/to/socket_y:0:666"

?>

And if you should ever want to access these servers in PHP:

<?php

$servers
= explode(",", ini_get("session.save_path"));
$c = count($servers);
for (
$i = 0; $i < $c; ++$i) {
 
$servers[$i] = explode(":", $servers[$i]);
}
$memcached = new \Memcached();
call_user_func_array([ $memcached, "addServers" ], $servers);
print_r($memcached->getAllKeys());

?>
up
18
taubers at gmail dot com
8 years ago
If you are using the memcache class for session handling your key is the PHP session ID.  This is different than when using the  memcached class.

Example with memcache:
GET nphu2u8eo5niltfgdbc33ajb62

Example with memcached:
GET memc.sess.key.nphu2u8eo5niltfgdbc33ajb62

For memcached, the prefix is set in the config:
memcached.sess_prefix = "memc.sess.key."
up
7
Andrei Darashenka
11 years ago
This extension supports Session-locking!

by default
MEMC_SESS_LOCK_ATTEMPTS   30
MEMC_SESS_LOCK_WAIT       100000
MEMC_SESS_LOCK_EXPIRATION 30
up
1
madalin at mgiworx dot co dot uk
5 years ago
short mention: Memcached has authentication support.
up
3
benoit dot delmotte at gmail dot com
3 years ago
in case of multiples memcached servers,
the separator is a semicolon ( ; ) not a comma as written

example:
session.save_path = "sess1:11211; sess2:11211"
up
0
atesin > gmail
2 months ago
moderator please merge these posts

an errata to my comment done on 2020-07-28 01:06 about tmpfs session dir...

the tmpfs directory i used to install session files is "/run" not "/tmp"...  as /tmp is auto (or manual) deleted sometimes
up
0
atesin > gmail
2 months ago
memcached is great, is lightning fast, very versatile and useful, scalable, and is a must have for many projects

but if you only want speed to minimize session file blocking there is also a good alternative, tmpfs

https://eddmann.com/posts/storing-php-sessions-file-caches-in-memory-using-tmpfs/

maybe if you are in debian you already had session directory in tmp (mounted as tmpfs), but beware of daily cleaning process that can mess up your sessions

you can use this trick if you are in centos/other (like me) or even if you are in debian but want to get ride of /tmp cleaning task

i realized in my system /run is also mounted as tmpfs, so i shut php-fpm down, moved my php session dir to /tmp/, reconfigure php and start again... (you can adapt it to your situation)

  systemctl stop php-fpm
  cp -a /var/lib/php/session /tmp/php-session
  vim /etc/php-fpm-d/www.conf
  ------
  php_value[session.save_path] = /run/php-session
  ------
  systemctl start php-fpm

the only drawback is tmpfs is VOLATILE, just like memcached (data is lost on unmount/shutdown/power fail), to  circumvent this risk i wrote another service that restores/backup php session dir before/after php starts/stops... (UNTESTED!)

  vim /etc/systemd/system/php-session-backup.service
  ------
  # basic persistence for tmpfs php sessions
 
  [Unit]
  Description=PHP tmpfs sessions backup/restore on shutdown/boot
  Before=php-fpm.service
 
  [Service]
  Type=oneshot
  RemainAfterExit=true
  ExecStart=rm -fr /run/php-session
  ExecStart=cp -fa /var/lib/php/session /run/php-session
  ExecStop=rm -fr /var/lib/php/session
  ExecStop=cp -fa /run/php-session /var/lib/php/session
 
  [Install]
  WantedBy=multi-user.target
  ------
  systemctl enable php-session-backup

you can also complement this with a daily backup task in case of system crash so you will lose just one day

  crontab -e
  ------
  0 4 * * * rm -fr /var/lib/php/session;cp -fa /run/php-session /var/lib/php/session
  ------

this is very rough though, you can better use inotify + rsync, could take some ideas from here

https://blog.jmdawson.co.uk/persistent-ramdisk-on-debain-ubuntu/
up
0
velazcomtz dot miguel at gmail dot com
1 year ago
Is important to address that memcached is not concurrent just as regular PHP sessions.

If you have two tabs and one of them takes too long to respond and try to log out on the second, the memcached server won't respond.
up
-6
sstratton at php dot net
9 years ago
While the previous poster has a point that Memcached can and will cleanup to make room for it's keys, the likelihood of active sessions (due to the likelihood that they will be written to again within 30 seconds) is fairly low provided you have your memory allocation properly alloted.
up
-40
me at nileshgr dot com
6 years ago
It seems a few people think saving sessions in memcache is more secure compared to saving in file-system (/tmp) especially when the discussion is about shared hosting.

This is not true. memcache has NO authentication; everybody & anybody can read session.save_path (which will contain the memcached daemon address).

FastCGI (PHP-FPM) is much much better when you're considering security and shared hosting.

If you want to share sessions across multiple servers transparently without having headaches of adding custom handlers, you can use NFS or something similar.
To Top