Well, the website I'm working on has a user register/login system. I'm trying to optimize the whole login/stay logged in/logout process. The way I see it; I have two options:

1. Use PHP sessions:
A session starts when a user logs in, and ends (gets destroyed) when they log out. They have the options of not logging out for a period of time.
In this case, I'll probably store their username/password in session variables so returning users can be verified.
What I don't like about this is the fact that the server will have to store get all these session files and get trashed up. I read about the 'garbage collector' in PHP and it didn't sound too good.
What I need to achieve is basically: a session is created when the user logs in. It's active until the user logs out, or after say a month of inactivity - at which point it gets destroyed/deleted. Any comments?

2. And the secound option is MySQL:
Since all user info is stored in a database anyway, I was thinking of achieving the above without the use of built in sessions, but custom ones. I basically create a random session id (without using the session_start to prevent new files from being created) and store in in the database next to the user.
The same procedure applies, new session stored when user logs in, it gets cleared when they log out. And I guess a simple routine to go through the users db and clean any outdated sessions (or even users).

That's basically it. sorry for being wordy. I need to maximize efficiency so I need to be sure. Please comment/suggest..
Thanks!