Performance of cPickle module
Paul Rubin
http
Tue May 11 16:09:28 EDT 2004
sh at defuze.org writes:
> If I had to use a database, the database would keep track of my users and I
> would only need to do a SQL statement. Would the cPickle more efficient in my
> case than a database ?
Not if you had more than a few users. Why don't you look at the dbm
or shelve modules. The dbm module lets you store strings (including
pickles) in a disk file that works like a hash table (much less hassle
than messing with an SQL server). The shelve module uses dbm and
handles the pickling automatically. Note that all these approaches
have a terrible pitfall, which is what happens if the web page needs
to update the database, say you want to let people automatically
create their own user accounts through the site? If two people try to
update the dbm file (or an xml file) simultaneously, things can get
completely screwed up unless you're careful. The idea of a real
database is to take care of those issues for you.
Another thing you could do is put the session state in a browser
cookie. Be careful when you do that though, since a malicious user
could concoct a cookie that lets him seize some other user's session,
or even takes over your server if you unpickle the cookie. The best
way to handle that is encrypt the cookies. See
http://www.nightsong.com/phr/crypto/p3.py
for a simple encryption function that should be sufficient for this
purpose.
More information about the Python-list
mailing list