I also prefer database storage.
The rest of my application data is already in there. A database can have
better security, because it has its own permission and authentication
system, while file-based sessions often end up owned by "nobody", which
other users on a shared system can access.
I'm not so concerned about "faster", since databse storage is "fast
I think the only reason /not/ to use database storage is because the
database isn't be used for anything else. In that case, I would consider
file storage for simplicity.
Last edited by shabbir; 6Dec2008 at 19:24..
Reason: Confine links to signatures.