php[architect] magazine has republished an article from their January 2018 issue by Jeremy Dorn that covers PHP sessions in-depth.
HP Sessions are often taken for granted. A session is a magic array which persists across page loads and holds user-specific data. It’s a fantastic and integral part of most web applications. But when misused, sessions can cause substantial security holes, performance and scalability problems, and data corruption. A deep understanding of sessions is vital to production web development in PHP.
The article covers various topics around PHP sessions and their use including security, performance and scalability. It also covers a few additional topics like serialization of data, session locking and intelligent auto-merging of sessions on the backend. Check out the full article for descriptions of each and some code examples to help show them in action.