发表新帖
发表新帖

Allow php sessions to carry over to subdomains

前端 未结
关注
10 1103
清歌不尽
清歌不尽 2020-11-22 01:10

I use php sessions (not cookies, except for session id cookie) for all user data, and when a user goes to their profile user.mydomain.com they are immediately \"logged out\"

相关标签:
10条回答
  • 名媛妹妹
    2020-11-22 01:48

    yes. ini_set is working. but remember to destroy all caches and cookies of the browser to see it works.

    1. destroy all caches and cookies of your browser

    2. in your xxx.example.com and yyy.example.com, your php files should start like this. 

      ini_set('session.cookie_domain', '.example.com' ); session_start();
    0 讨论(0)
  • 眼角桃花
    2020-11-22 01:50

    I know this is quite old - but to further expand on @CTT's suggestion - I needed to add a php.ini file in each sub-directory (that will be executing php code and requires the session) of my subdomain with the following text:

    suhosin.session.cryptdocroot=Off
suhosin.cookie.cryptdocroot=Off

    I hope this helps (it took me ages to figure this out).

    0 讨论(0)
  • 我寻月下人不归
    2020-11-22 01:54 
    if(isset($_COOKIE['session_id']))
    session_id($_COOKIE['session_id']);
    Zend_Session::start(); //or session_start();

    if(!isset($_COOKIE['session_id']))
        setcookie('session_id', session_id(), 0, '/', '.yourdomain.com');

    This is a good solution, but you cannot use it in all situations. For examples it will not work when you cannot rely on not-session cookies.

    This actually MUST work if you use it correctly.

    ini_set('session.cookie_domain', '.example.com' );

    For example you need to put it before session_start() and also in all files that call session_start()

    0 讨论(0)
  • 长情又很酷
    2020-11-22 01:56 
            if(isset($_COOKIE['session_id']))
            session_id($_COOKIE['session_id']);
        Zend_Session::start(); //or session_start();
        if(!isset($_COOKIE['session_id']))
            setcookie('session_id', session_id(), 0, '/', '.yourdomain.com');

    security be damned, if you are as frustrated with incomplete or bad answers as I am, this is your savior. It just works.

    0 讨论(0)
  • 深忆病人
    2020-11-22 01:58

    I just had this problem and it turns out I was using different php.ini files for two different sub-domains. These ini files specified different session.save_path variables. For obvious reasons this needs to be the same for all sub-domains that need to share sessions.

    0 讨论(0)
  • 终归单人心
    2020-11-22 02:05

    Before session_start() use session_set_cookie_params() replacing .domain.com with your domain like this example:

    session_set_cookie_params(0, '/', '.domain.com');
session_start();
    0 讨论(0)
 看不清?
提交回复
热议问题