How to use PdoSessionStorage to store Sessions in the Database

The default session storage of Symfony2 writes the session information to file(s). Most medium to large websites use a database to store the session values instead of files, because databases are easier to use and scale in a multi-webserver environment.

Symfony2 has a built-in solution for database session storage called Symfony\Component\HttpFoundation\SessionStorage\PdoSessionStorage. To use it, you just need to change some parameters in config.yml (or the configuration format of your choice):

  • YAML
    # app/config/config.yml
    framework:
        session:
            # ...
            storage_id:     session.storage.pdo
    
    parameters:
        pdo.db_options:
            db_table:    session
            db_id_col:   session_id
            db_data_col: session_value
            db_time_col: session_time
    
    services:
        pdo:
            class: PDO
            arguments:
                dsn:      "mysql:dbname=mydatabase"
                user:     myuser
                password: mypassword
    
        session.storage.pdo:
            class:     Symfony\Component\HttpFoundation\SessionStorage\PdoSessionStorage
            arguments: [@pdo, %session.storage.options%, %pdo.db_options%]
    
  • XML
    <!-- app/config/config.xml -->
    <framework:config>
        <framework:session storage-id="session.storage.pdo" lifetime="3600" auto-start="true"/>
    </framework:config>
    
    <parameters>
        <parameter key="pdo.db_options" type="collection">
            <parameter key="db_table">session</parameter>
            <parameter key="db_id_col">session_id</parameter>
            <parameter key="db_data_col">session_value</parameter>
            <parameter key="db_time_col">session_time</parameter>
        </parameter>
    </parameters>
    
    <services>
        <service id="pdo" class="PDO">
            <argument>mysql:dbname=mydatabase</argument>
            <argument>myuser</argument>
            <argument>mypassword</argument>
        </service>
    
        <service id="session.storage.pdo" class="Symfony\Component\HttpFoundation\SessionStorage\PdoSessionStorage">
            <argument type="service" id="pdo" />
            <argument>%session.storage.options%</argument>
            <argument>%pdo.db_options%</argument>
        </service>
    </services>
    
  • PHP
    // app/config/config.yml
    use Symfony\Component\DependencyInjection\Definition;
    use Symfony\Component\DependencyInjection\Reference;
    
    $container->loadFromExtension('framework', array(
        // ...
        'session' => array(
            // ...
            'storage_id' => 'session.storage.pdo',
        ),
    ));
    
    $container->setParameter('pdo.db_options', array(
        'db_table'      => 'session',
        'db_id_col'     => 'session_id',
        'db_data_col'   => 'session_value',
        'db_time_col'   => 'session_time',
    ));
    
    $pdoDefinition = new Definition('PDO', array(
        'mysql:dbname=mydatabase',
        'myuser',
        'mypassword',
    ));
    $container->setDefinition('pdo', $pdoDefinition);
    
    $storageDefinition = new Definition('Symfony\Component\HttpFoundation\SessionStorage\PdoSessionStorage', array(
        new Reference('pdo'),
        '%session.storage.options%',
        '%pdo.db_options%',
    ));
    $container->setDefinition('session.storage.pdo', $storageDefinition);
    
  • db_table: The name of the session table in your database
  • db_id_col: The name of the id column in your session table (VARCHAR(255) or larger)
  • db_data_col: The name of the value column in your session table (TEXT or CLOB)
  • db_time_col: The name of the time column in your session table (INTEGER)

Sharing your Database Connection Information

With the given configuration, the database connection settings are defined for the session storage connection only. This is OK when you use a separate database for the session data.

But if you’d like to store the session data in the same database as the rest of your project’s data, you can use the connection settings from the parameter.ini by referencing the database-related parameters defined there:

  • YAML
    pdo:
        class: PDO
        arguments:
            - "mysql:dbname=%database_name%"
            - %database_user%
            - %database_password%
    
  • XML
    <service id="pdo" class="PDO">
        <argument>mysql:dbname=%database_name%</argument>
        <argument>%database_user%</argument>
        <argument>%database_password%</argument>
    </service>
    
  • XML
    $pdoDefinition = new Definition('PDO', array(
        'mysql:dbname=%database_name%',
        '%database_user%',
        '%database_password%',
    ));
    

Example SQL Statements

MySQL

The SQL statement for creating the needed database table might look like the following (MySQL):

CREATE TABLE `session` (
    `session_id` varchar(255) NOT NULL,
    `session_value` text NOT NULL,
    `session_time` int(11) NOT NULL,
    PRIMARY KEY (`session_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

PostgreSQL

For PostgreSQL, the statement should look like this:

CREATE TABLE session (
    session_id character varying(255) NOT NULL,
    session_value text NOT NULL,
    session_time integer NOT NULL,
    CONSTRAINT session_pkey PRIMARY KEY (session_id),
);