Is it a good idea to choose php-session-id as primary key in a MySQL-Database?

Question

Is it a good idea to choose php-session-id as primary key in a MySQL-Database? Will there be unexpected surprises?

Why I am asking this question: I want to store visitor-behavior and want to identify visitors on their session-id at that time.

I do not know exactly what criteria a PHP session ID is generated. That's why I also do not know if someday might exist duplicates.

EDIT2: Aside from performance issues a session ID is not always unique. Therefore, one should not use it as a PK. See here Link1

In deed there will be expected surprise not unexpected if you always use logged in user session id to compare in the db, the session id will be different in each login and if you try to compare data in the table with current session id of the user it will not match with the id stored before. — Abhik Chakraborty, Jun 03 '14 at 10:04
use a autoincrementing id for the primary key and store the session id as an indexed string. — serakfalcon, Jun 03 '14 at 10:16

score 1 · Accepted Answer · edited May 23 '17 at 12:11

1

This is not a good idea because, primary keys are advised to be integers which helps for indexing. If session ID is unique of course you can use it as a database primary key but i hope you consider not to for the sake of your database design and speed.

Why I am asking this question: I want to store visitor-behavior and want to identify visitors on their session-id at that time.

Why don't you add non primary key column called session-id ? You can still identify them that way.

About uniqueness, please refer to this link

edited May 23 '17 at 12:11

Community

1
1

answered Jun 03 '14 at 10:10

1

@LonelyProgrammer From research, it's not guaranteed to have a unique sessionid all the time. But lets say uniqueness is not the worry. Then performance will be poor as time goes on. – Jun 03 '14 at 10:18
Your link has answered my question, therefore I've marked your answer as correct one. Thank you! – Jun 03 '14 at 10:19
1

@LonelyProgrammer glad i could be of help – Jun 03 '14 at 10:20

score 0 · Answer 2 · edited May 23 '17 at 12:27

Why I am asking this question: I want to store visitor-behavior and want to identify visitors on their session-id at that time.

Just use cookie. Store a token in cookie, and store that token along with visitor_id (an auto increment integer and primary key) and other other behavioral data you want in MySQL. Storing session files that long to remember a visitor will be a burden over your storage.

And putting php session id as primary is not an option that anyone will choose for their database. By the way session id changes with every restart of browser, considering you haven't gone wild to change session.cookie-lifetime and session.gc-maxlifetime(Source), then how do you recognize the already visited visitor, who has now a new session id.

score 0 · Answer 3 · answered Jun 03 '14 at 12:12

I don't know about weather to choose php-session-id as primary key in a MySQL-Database is a good idea or not but it's not a bad idea though because if there was ever a breach of security in our script the hacker couldn't drop tables from our database. If you're really paranoid, create a different user for each function.

Check Link Below For better Understanding http://www.wikihow.com/Create-a-Secure-Session-Managment-System-in-PHP-and-MySQL

Is it a good idea to choose php-session-id as primary key in a MySQL-Database?

3 Answers3