Today I learned about “PHP Session Locking”:
PHP writes its session data to a file by default. When a request is made to a PHP script that starts the session (
session_start()), this session file is locked. What this means is that if your web page makes numerous requests to PHP scripts, for instance, for loading content via Ajax, each request could be locking the session and preventing the other requests from completing.
The other requests will hang on
session_start()until the session file is unlocked. This is especially bad if one of your Ajax requests is relatively long-running.
As a developer you can prematurely close the session by calling
session_write_close() or – with PHP7 – close it automatically after starting:
session_start([ 'read_and_close' => true, ]);