Maintaining Session Variables across Subdomains

前端 未结 2 1855
花落未央
花落未央 2021-02-06 14:24

I have been trying to maintain session vars between two subdomains and found it impossible. I ended up creating 2 minimal PHP web pages as a test bed, one I call \'test 1\' just

2条回答
  •  不知归路
    2021-02-06 15:03

    Ok I nailed it and it was a stinker.

    Suhosin's suhosin.session.cryptdocroot option was the entire cause of the problem. When the session encryption key is based on the DocRoot it causes the subdomains to fail to see each other's session variables when the base domain and the subdomains are served from different directories. This leads to the session vars on the server being stored in different folders and hence they are not visible to each of the corresponding domains.

    Solution. Simply add these 2 lines in your php.ini file:

    suhosin.session.cryptdocroot=Off
    suhosin.cookie.cryptdocroot=Off
    

    A 48 hour nightmare to track down, 4.8 seconds to fix.

提交回复
热议问题