Why is it bad to put Objects into Session Vars?

treycarroll · August 9th, 2003, 03:48 PM

As the complexity of the tasks I'm trying to tackle has grown I have become increasingly impressed with object oriented design techniques.

I would like to apply these to my php code. My question is twofold:

1. If it is taboo to put objects into session vars, how DO you take advantage of php's OO capabilities w/o using sessions?;

and
2. WHY is it taboo? All I can find on discussion boards are statements such as, "as everyone knows, it is bad form to put objects into session vars...". I have run some tests with a simple example and it is definitely possible to access an object across several pages with sessions.

I am trying to use an application object which will act as a state machine for the application as a whole and control view compositions (assemble php pages from other objects). I really don't see how to take advantage of OO efficiently if the HTTP/statelessness issue is going to force us to re-instantiate and re-set every data member every time a user navigates to a new page. Yet, it seems like MS is doing just this in .NET with the viewstate. I understand that several years ago there were some problems related to ASP 3.0 and IIS, but these would seem to be irrelevant to php and the current state of session technology.

If I cannot stick an object into sessions, can I do it with a reference to an object?

Nik posted something in response to one of my posts several months ago referring to the use of a state machine to control user navigation through my site. Nik, was this an object-based solution?

Any hints, suggestions or examples would be greatly appreciated.

Thanks,

---------------
Trey Carroll

treycarroll · August 11th, 2003, 06:22 PM

I guess my question was too vague or complex. Nik must be on vacation or something.

Anyway, I did some research and found out that php5 is about to address OO in a major way. I guess I'll have to wait to see how the design patterns get implemented when we all get our "new toy". I still don't see how we're going to be able to take advantage of all of the new java-like stuff if we can't stick objects into session vars! What are we going to do put a reference to our objects into a hidden? (ha ha) It seems to me like the whole thing *hinges* on being able to keep application level variables in memory over the course of an individual visit to a site.

If anyone is out there, illuminate me.

---------------
Trey Carroll

p15ed · August 13th, 2003, 09:35 AM

Ok quick reply,

You most definatley can use objects in session variables, it is not as bad as people make out.

The problem is you must declare your class definition to the php engine before you call 'session_start();'

Just becareful to turn off global_sessions in the php.ini file as this will automatically call 'session_start();' before it processes your code and will fail when it tries to register your session object as a variable. This is the reason why it is often considered taboo to use objects inside sessions as your scripts will not be as portable as they might.

nikolai · August 18th, 2003, 12:44 PM

How funny, I was on vacation. Just got back from 10 days in the Grand Teton and Yellowstone National Parks. It's nice to be missed!

On to business: The reason people have had problems storing objects in sessions is because an object needs to be serialized (converted to a text string) to be stored across pages, and unserialized back into an object when the session is restarted in the next script.

That means (as p15ed mentioned briefly) that PHP needs to KNOW what your object is before it can unserialize your session data, which happens when you call session_start(). That means you need to perform all your relevant includes and class definitions BEFORE your session is started.

Take care,

Nik
http://www.bigaction.org/