Richard Thomas has shared some suggestions on improving the performance and use of PHP's built-in sessions in your site:

If your developing a new website and want to ensure its scalable sessions can be a sticking point. [...] There are a couple problems you may run into with this approach and most database driven examples you may use to base your session code off.

These problems can pretty much be summarized into a single sentence: Every single page load your database is going to be hit at least 2 times, first to read the session data and then session to rewrite all that data.

He includes three suggestions:

• Hash your data when pulled from the DB, if your data hasn't changed don't bother updating
• Figure out what your margin of error is for how long a session has been inactive (don't update if you don't need to)
• Use memcache in conjunction with your database, Check memcache first if its there, if it is use memcache, if its not pull from DB and shove into memcache when you DO update your data update memcache at the same time.