3

I have a form with several fields that will be a fairly active. With that said there is a validation piece.

A user POST's and the values are stored in $_SESSION variables.

On fail, the $_SESSION variables are cleared that are incorrect. I do this because the form echo's back the previous values that are still correct, out of convience to the user.

Which is faster: 

$_SESSION['variable']="";

PRO-->Less operations for each form POST
CON-->Server stores more $_SESSION variables at any given point.

unset($_SESSION['variable']);

PRO-->More operations for each form POST
CON-->Server stores less $_SESSION variables at any given point.

Thoughts?

Improve this question
3
  • You could have a loop create 1 million $_SESSION variables and then have one script to unset them and one to set a blank string to them and time for yourself. Commented Jan 26, 2012 at 5:30
  • 2
    If performance optimizations at this level are a real concern for you, PHP is the wrong language to begin with. In other words, it will make no practical difference you'd ever notice without extremely obsessive profiling. Commented Jan 26, 2012 at 5:38
  • You're using sessions but what if the user opened more than one window? Commented Jan 26, 2012 at 10:57

4 Answers 4

Reset to default
4

You should unset() as setting it to an empty string means the session variable still exists and is pointing to a location in memory.

You shouldn't worry at this stage which is faster, just think of what best communicates your code's intentions.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

That's true but that means when the user re-POST's the server will have additional operations to preform to reinitialize the SESSION variable. There is a pro and con to both.
@DanKanze You should only be thinking in terms of performance if you have seen a performance issue with your application and profiling it has shown it to be setting session variables. This is very unlikely, especially if your site has connections to a database server.
2

I'm not sure what you mean by "less operations for each form post" by setting the session var to an empty string. This is just a hip shot, but I'm guessing you're doing something like this ...

foreach( $_POST as $k => $v ) {
  if( $v == 'correct value' ) {
    $_SESSION[$k] = $v;
  } else {
    if( isset($_SESSION[$k] ) unset($_SESSION[$k] );
}

If not, then you probably ought to be. This way the only session variables that are ever set (thus using up resources) are going to be ones that are valid answers, and on the off chance that they're resubmitting a form and got a previously correct answer wrong it'll dump it. Then later on you can just do another foreach to dump out the session vars for the user's perusal.

Just as a common rule of thumb, unsetting a variable is preferable to setting it to "", as it removes it from memory, using less resources. The nanosecond or so required to re-set it, if required, is negligible unless you're talking about hundreds of thousands of requests per minute, and it doesn't sound like you are.

As for if it's absolutely critical? Meh. The company I work for has session variables that are literally pages long when I do a var_dump. 1000 plus instances of objects at the least, and our servers take millions of unique hits a month, so unless you're talking about more than that, I doubt it will ever really make that much of a noticeable difference to anyone.

Improve this answer

Comments

1

Use unset($_SESSION['variable']); to complete clear it completely.

By the way, if you do not redirect the page, you don't need to store the user input in the session.

Improve this answer

Comments

1

I agree with Alex. Yes you have to reinitialize the SESSION variable but depending on how the php interpreter is written they probably pre-allocate memory so that memory initialization is really fast making it just as fast as resetting the string in the first place. If anything I would just do it for the clarity.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.