DualPathSessionHandler

A robust PHP session handler implementing SessionHandlerInterface, designed for performance and reliability.

Features:

• Dual-path storage: Uses a fast cache directory (e.g. /tmp) and a persistent directory (e.g. ./sessions).
• Read: Attempts to read from cache first, falls back to persistent storage if needed.
• Write: Writes to both cache and persistent storage, but only if session data has changed. If unchanged, only touches files to postpone garbage collection.
• File locking: Optional flock() locking (defaultLockMode) to mimic PHP's default session handler, locking the session file for the duration of the request.
• Garbage collection: Only applies to persistent storage. Uses stat for file metadata, which is more robust than filemtime.
• Cache invalidation: Detects when cache is cleaned and rebuilds from persistent storage.
• Statistics: Provides cache and persistent file counts, total size, and cache hit potential.

Usage: $handler = new DualPathSessionHandler('/tmp', DIR.'/sessions', 1440, 1800, true); session_set_save_handler($handler, true); session_start();

Constructor arguments:

• $cachePath: Path to cache directory (default: /tmp)
• $persistentPath: Path to persistent directory (default: ./sessions)
• $maxLifetime: Session max lifetime in seconds (default: 1440)
• $cacheLifetime: Cache validity period in seconds (default: 1800)
• $defaultLockMode: If true, enables flock() locking for PHP-like session file locking (default: false)

Methods:

• open($savePath, $sessionName): Prepares handler (no-op)
• close(): Releases lock and saves cache tracker
• read($sessionId): Reads session data, stores last read for change detection
• write($sessionId, $data): Writes only if data changed, otherwise touches files
• destroy($sessionId): Deletes session files from both locations
• gc($maxlifetime): Removes expired sessions from persistent storage
• getStats(): Returns cache/persistent file stats
• rebuildCacheIfNeeded(): Rebuilds cache if cleaned

Internal helpers:

• getFileMTime($file): Returns file mtime using stat
• isValidCacheFile($file): Checks cache file validity
• isValidPersistentFile($file): Checks persistent file validity
• rebuildCache($sessionId, $data): Rebuilds cache from persistent storage
• loadCacheTracker(): Loads cache tracker
• saveCacheTracker(): Saves cache tracker

Security & Reliability:

• All file operations use LOCK_EX for atomic writes.
• Directory creation and writability checks are performed.
• Handles cache cleanup and session GC robustly.
• Compatible with PHP 7.4+ and FastCGI environments.

Author: [Your Name] Date: 2025-10-13 License: MIT or your preferred license

Provider Note (OVH):

• On OVH hosting, the /tmp directory is typically more than 80x faster than local storage for file operations. Using /tmp for session cache can dramatically improve performance.

FastCGI/Socket Note: PHP write session data before the client receives the response (=>delay..). Unless you explicitly flush output (e.g., with fastcgi_finish_request()), the socket may remain open and the client will not see the data until PHP finishes execution and closes the connection.

Dual-Path Session Handler

Uses /tmp as fast cache (cleaned every ~30 minutes) and ./sessions as persistent storage. Strategy:

• Read: Try /tmp first (fast), fallback to ./sessions
• Write: Always write to both locations
• GC: Only apply to ./sessions (persistent storage)
• Cache invalidation: Detect when /tmp was cleaned and rebuild cache from persistent storage /