I keep all information in memory. I just write to the db when the user's session expires or a logout is explicity made - btw, the information written in the database is stuff like "last access time" and so on.
Rafael [originally posted on jforum.net by Rafael Steil]