开发者

PHP session shared with subdomain

问答 作者:

I have read many forums (including this one) about passing session variables between subdomains, and I can't get this to work. Can someone explain what I am missing?

Step 1

In the php.ini file:

session.cookie_domain = ".mydomain.example"

Verified with phpinfo() that I am using the right php.ini file

Step 2

In page at www.mydomain.example set a session variable $_SESSION['a'], verify that it appears by calling it on the next page (it does). Click link to sub.mydomain.example.

Step 3

Page at sub.mydomai开发者_开发百科n.example checks if session variable is set using:

$a = $_SESSION['a'];
if(!isset($_SESSION['a'])){
    echo "Error: Session Variable not available";
}

Unfortunately I am getting my error message. What am I missing?

You must pass the session id as a cookie and set the same session id on the new domain

For example you can use this code

ini_set('session.cookie_domain', '.example.com');
$currentCookieParams = session_get_cookie_params();

$rootDomain = '.example.com';
session_set_cookie_params( 
    $currentCookieParams["lifetime"], 
    $currentCookieParams["path"], 
    $rootDomain, 
    $currentCookieParams["secure"], 
    $currentCookieParams["httponly"] 
); 

if(!empty($_SESSION)){
    $cookieName = session_id();
    setcookie('PHPSESSID', $cookieName, time() + 3600, '/', $rootDomain); 

}

if(isset($_COOKIE['PHPSESSID'])){
    session_name($_COOKIE['PHPSESSID']); 
}

debugging.
is the thing you're missing.

first of all you have to watch HTTP headers to see what is going on and what cookies actually being set. You can use LiveHTTPHeaders Firefox addon or something. With such info you can find the problem. Without it noone can answer tour question "my sessions don't work"

It can prove your statement of proper domain setting in the session settings. Or disprove it.
It can reveal some other misconfiguring.
It may show you cookie being sent back by the browser - so you can be sure that is server side problem

To see the actual result of your code (instead of guessing based on the indirect consequences) always helps.

So, I went a different direction and used this entry which worked...

session_set_cookie_params(0, '/', '.mydomain.example');
session_start();

继续阅读:phpsessionsubdomain

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9