selenin Posted March 11, 2011 Share Posted March 11, 2011 Hi I have an addon Domain, so you can open the site like http://www.mydomain.com/folder/ or http://www.otherdomain.com Now I want that when you are logged in you will be logged in in both, they have both the same folder. The loggin process works with $_SESSION, is there a way that the session_start() and the session_destroy can handle both sites? Quote Link to comment Share on other sites More sharing options...
AbraCadaver Posted March 11, 2011 Share Posted March 11, 2011 I think it should by default. If not, try setting the path to / using session_set_cookie_params(). If not, do this and post results: print_r( session_get_cookie_params() ); Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted March 11, 2011 Share Posted March 11, 2011 By default, the session id is propagated between pages using a cookie and ALL cookies are domain specific. To do this between different domains, you would need to pass the session id (or any other identifier) on the end of the url as a GET parameter. Since php won't automatically do this for you across domains, you will need to write the code yourself to do this, which will require that any place where you want to switch between domains, that you rewrite your existing scripts to put the session id onto the end of the URL's. Also, by putting the session id (or any other identifier) on the end of the URL, you are opening up a security hole because people have a habit of copy/pasting links to pages they visit and sending that link to someone else would allow that person to visit your site and appear to be the original logged in person. Quote Link to comment Share on other sites More sharing options...
AbraCadaver Posted March 11, 2011 Share Posted March 11, 2011 By default, the session id is propagated between pages using a cookie and ALL cookies are domain specific. To do this between different domains, you would need to pass the session id (or any other identifier) on the end of the url as a GET parameter. Since php won't automatically do this for you across domains, you will need to write the code yourself to do this, which will require that any place where you want to switch between domains, that you rewrite your existing scripts to put the session id onto the end of the URL's. Ahh yes, I misread the post. I thought it was the same domain with the addition of a subdirectory. Quote Link to comment Share on other sites More sharing options...
selenin Posted March 11, 2011 Author Share Posted March 11, 2011 Ah okaj thanks, I just wondered that I even couldn't loggin any more with session_set_cookie_params() Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.