Allow php sessions to carry over to subdomains

前端 未结 10 1110
清歌不尽
清歌不尽 2020-11-22 01:10

I use php sessions (not cookies, except for session id cookie) for all user data, and when a user goes to their profile user.mydomain.com they are immediately \"logged out\"

相关标签:
10条回答
  • 2020-11-22 02:08

    Here are 4 options.

    Place this in your php.ini:

    session.cookie_domain = ".example.com"
    

    Or in your .htaccess:

    php_value session.cookie_domain .example.com
    

    Or as the first thing in your script:

    ini_set('session.cookie_domain', '.example.com' );
    

    Or in your php-fpm pool configuration for your site:

    php_value[session.cookie_domain] = .example.com
    
    0 讨论(0)
  • 2020-11-22 02:10

    Try This:

    session_start(); 
    
    $sessionId =  session_id();
    

    logged the user. When user will switch to other subdomain sent the session id in the URL like this user.mydomain.com/?id=$sessionId

    $sessionId =  $_GET['id'];
    
    session_start($sessionId); 
    

    Now the user will get all the session values and stay logged in.

    0 讨论(0)
  • 2020-11-22 02:13

    change the session name at the top of the core functions file like

     session_name('mysession');
    

    then use the following code into the php page

      session_set_cookie_params(0,"/",".example.com",FALSE,FALSE);
      setcookie(session_name(), session_id(),0,"/","example.com");
      session_start();
    

    finally change the default session name of the subdomain and remove the default cookie in subdomain's core functions file like:

     /*default session name*/
     session_name("mysession");
     /*remove the PHPSESSID and default session name from subdomain's cookie*/
     setcookie( "mysession", "",1,"/" );
     setcookie( "PHPSESSID", "",1,"/" );
    

    if you continue with using your cookie name as PHPSESSID ,just remove all the functions with

     "mysession" string like session_name('mysession'), setcookie( "mysession", "",1,"/" );
    

    then check your browser's existing cookies, just remove all the cookies of domain and subdomain, and repeat the process.

    0 讨论(0)
  • 2020-11-22 02:15

    Another option that worked for me: is to force the name of the session:

    session_name("myWebsite");
    session_start(); 
    
    0 讨论(0)
提交回复
热议问题