PHP's session_start method stores the session data in files by default. These files are stored in the tmp directory of the OS and are cleared at intervals by the garbage collector.
Alternatively the session data can be stored in database as well.
Storing session data in database has certain advantages :
1. Limit the number of logins
For instance if your application should allow only 10 logins at a time , then the session table can be checked to find the number of users already logged in. If the limit is exceeded , then further users may not be allowed to log in.
2. Block multiple logins for same username.
If your website or application needs to make a user login from only 1 location at a time for security purpose or something else , then the sessions table can simply delete the earlier session data of a particular username and login the new one.
3. Monitor user activity
View which user is currently online, when did he login and for how long has he been active.
4. Logout a user
A user can be logged out simply by removing his session entry in the database. This can be useful to logout users who have been inactive for a long time.