I am currently working on a website that has high traffic by my standards. It's a webshop and has a few (serialized) objects in its session.
E.g.
$_SESSION['shoppingcart'] = new Shoppingcart();
And this object is later used throughout the code. So far no problem. The session duration is 1 hour at the moment and is extended when users keep it alive by making requests.
Now for the (probably well known) problem: When making a change to the Shoppingcart class in the example there is a chance that the change breaks the deserializing of the object. What can we do to prevent this problem? What is the recommended approach?
We can keep values in the database and only use a primitive int inside the session to identify the primary key.
We can use some array conversion from the object.
?
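The array-conversion option from the question, sketched as an added example that is not part of the original post: the session holds only a versioned plain array, and the object is rebuilt from it on each request, so a changed class never has to deserialize an old instance. The class body, `toArray()`, `fromArray()`, `SCHEMA_VERSION` and the `currency` field are hypothetical, and PHP 8 is assumed.

```php
<?php
declare(strict_types=1);
// Hypothetical Shoppingcart; the question does not show the real class.
final class Shoppingcart
{
    // Bump whenever the stored array layout changes.
    public const SCHEMA_VERSION = 2;

    /** @var array<int,int> product id => quantity */
    private array $items = [];
    private string $currency = 'EUR'; // field added in layout version 2
    public function add(int $productId, int $qty): void
    {
        $this->items[$productId] = ($this->items[$productId] ?? 0) + $qty;
    }

    /** Plain scalars and arrays only, so no class name is written to the session. */
    public function toArray(): array
    {
        return ['v' => self::SCHEMA_VERSION, 'items' => $this->items, 'currency' => $this->currency];
    }

    /** Rebuild from session data written by this or an older release. */
    public static function fromArray(mixed $data): self
    {
        $cart = new self();
        if (!is_array($data) || !is_int($data['v'] ?? null) || $data['v'] > self::SCHEMA_VERSION) {
            return $cart; // unknown or newer layout: start with an empty cart
        }
        foreach ((array)($data['items'] ?? []) as $id => $qty) {
            if (is_int($id) && is_int($qty) && $qty > 0) {
                $cart->items[$id] = $qty; // copy only well-formed entries
            }
        }
        // Version 1 sessions have no currency key; keep the default.
        if (is_string($data['currency'] ?? null)) {
            $cart->currency = $data['currency'];
        }
        return $cart;
    }
}

// Constructed sample: what a session written by an older release might hold.
$_SESSION['shoppingcart'] = ['v' => 1, 'items' => [101 => 2, 205 => 1]];
$cart = Shoppingcart::fromArray($_SESSION['shoppingcart'] ?? null);
$cart->add(101, 1);
$_SESSION['shoppingcart'] = $cart->toArray(); // written back in the current layout
var_dump($_SESSION['shoppingcart']);
```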