
JavaScript redirection problem with PHP sessions

I set a session variable on the login subdomain, and respond with JSON from another subdomain if the login was successful. The JSON response is checked by a script, and the script does a location.href = "new url". On the redirected site "new url" I want to check my session variables to see if the user is logged in or not, but there are no session variables set. Does location.href = "" destroy my session? How can I fix this problem? session.cookie_domain is set to '.mydomain.com'.

login.mydomain.com:

$.post('http://api.mydomain.com/index.php', {action: 'login', username: username, password: password}, function(response) {
    var success = $.parseJSON(response);
    if (success.success == 'true') {
        // Navigate to the logged-in area once the API reports success
        location.href = 'http://my.mydomain.com';
    }
});

api.mydomain.com:

session_start();
$_SESSION['active'] = true;
header('Access-Control-Allow-Origin: http://login.mydomain.com');
echo '{"success": "true"}';

my.mydomain.com:

session_start();
// Redirect unless the session flag exists and is true
if(!isset($_SESSION['active']) || !$_SESSION['active']) {
    header("Location: http://login.mydomain.com");
    echo $_SESSION['access_token'].' test';
}
else {
    echo 'Success!';
}


I had the same problem and I found that when I use a relative URL (location.ref="index.php"), all session variables exist. But when I use an absolute URL (location.ref="http://mydomain.com/index.php"), it kills all my session variables.


You don't seem to be calling session_start() in the second code block.


From what you're saying you could have a couple of issues contributing to this problem.

  1. PHP cookies are set by the server when the page is loaded; no page load means no cookie is set. If you're using pure JSON with no page load then you may not be able to set your session and return it to the browser.

  2. Also remember that PHP sessions are effectively a cookie and the rules for cookies apply, so if you're setting a PHP session at api.mydomain.com and expect it to work at my.mydomain.com it probably won't work.

You can find a viable solution to handling login data and the sessions over multiple sub-domains here
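
The cookie rules mentioned in the last answer, as an added example that is not part of the original question or answers: a simplified JavaScript model of how the Domain attribute (what session.cookie_domain emits) decides which subdomains receive the session cookie. The function names are hypothetical, the host names are the ones from the question, and the cross-origin XHR credentials rule is an assumption added here that the thread itself does not discuss.

```javascript
// Simplified model of RFC 6265 cookie scoping (Path, Secure, SameSite and
// public-suffix checks are left out). Host names are the ones from the question.

// RFC 6265 section 5.1.3: a host matches if it equals the domain or is a subdomain.
function domainMatches(host, domain) {
  host = host.toLowerCase();
  domain = domain.toLowerCase();
  return host === domain || host.endsWith('.' + domain);
}

// How a browser stores a cookie set by setterHost (hypothetical helper).
// domainAttr: the Domain attribute (what session.cookie_domain emits) or null.
// crossOriginXhr/withCredentials: assumption added here, the Fetch rule that a
// cross-origin XHR response only stores cookies if the request was credentialed.
function storeCookie(setterHost, domainAttr, opts = {}) {
  const { crossOriginXhr = false, withCredentials = false } = opts;
  if (crossOriginXhr && !withCredentials) return null; // Set-Cookie is ignored
  if (!domainAttr) return { domain: setterHost.toLowerCase(), hostOnly: true };
  const domain = domainAttr.replace(/^\./, '').toLowerCase(); // leading dot ignored
  if (!domainMatches(setterHost, domain)) return null; // foreign Domain rejected
  return { domain, hostOnly: false };
}

// Would the stored cookie be attached to a request for requestHost?
function isSentTo(cookie, requestHost) {
  if (!cookie) return false;
  return cookie.hostOnly
    ? requestHost.toLowerCase() === cookie.domain
    : domainMatches(requestHost, cookie.domain);
}

// Constructed scenarios: api.mydomain.com sets the cookie, my.mydomain.com needs it.
function scenarios() {
  const api = 'api.mydomain.com', my = 'my.mydomain.com';
  const shared = '.mydomain.com';
  return {
    hostOnlyCookie: isSentTo(storeCookie(api, null), my),
    sharedDomainPageLoad: isSentTo(storeCookie(api, shared), my),
    sharedDomainPlainXhr: isSentTo(storeCookie(api, shared, { crossOriginXhr: true }), my),
    sharedDomainCredentialedXhr: isSentTo(
      storeCookie(api, shared, { crossOriginXhr: true, withCredentials: true }), my),
    foreignDomainAttr: isSentTo(storeCookie(api, '.otherdomain.com'), my),
  };
}

console.log(scenarios());
```

In this model only the two cases where the cookie is both stored and scoped to mydomain.com reach my.mydomain.com.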
