session read should lock data

[rjha]

The way PHP reads session data is : -
start page execution
read session data
work with session data
page execution over
write session data

That means session data is loaded only once. So access to session data should be locked. The sequence should be

• get lock
  • read data
  • write data
  • release lock

Without a lock in place - we may have corrupt session data. We have to "emulate" the locking behavior of default PHP sessions.

@see http://www.mysqlperformanceblog.com/2007/03/27/php-sessions-files-vs-database-based/
@see http://stackoverflow.com/questions/1022416/how-to-properly-implement-a-custom-session-persister-in-php-mysql/10422239#10422239