While I have some ideas (IPC, using mysql heap table, memory cache) none of my ideas seem to be working "perfectly".
I look for a way to block any simultanous access to the PHP script from the same user.
All users accessing my script supply a User-ID on every call, so I know who is knocking the door before I open it.
However, it can happen that users "spam" the hell out of my API, I do not want that anyone can access the script while a previous "api call" is unfinished.
I need something with low system impact and without any race-conditions (flawless handling even if requests come in within a millisecond or faster).
I'd be glad for suggestions or info how you solved a similar issue.
Platform is Linux.
Update:
I rejected using a database so far because I fear that sending thousands of update or similar queries per second could stall the server even if the single impact is low.
Sometimes the users tool accessing my API is faulty and just bombards it with massive queries, I expect that to be a performance hit if it's handled through my DB.
If I were in your situation, I'd probably start with Redis. Redis is pretty darned performant, and is likely good enough.
In particular, I'd be looking at the SETNX command. And I'd look at making the key expire after a short while (so if your PHP code dies and doesn't DEL the key, your customer isn't locked out indefinitely).
Once I had something like that working, and convinced myself it would perform well enough, I'd follow the suggestion on the above-linked page, and look into distributed locks.