Sharing SESSION Variables Between Multiple Subdomains

那年仲夏 提交于 2019-12-17 06:12:16

问题


I have a website www.example.com. That will have multiple subdomains that work with a single application or program. For an example, login.example.com will allow the user to log in to the site while system.example.com will allow the user to access an information system, while forums.example.com will allow the user to access forums.

We may need to pass information between the subdomains such as a user id, or a user preference, etc. How do we go about passing information between the sudomains using SESSION variables?

EDIT: I like this idea:

As the first thing in your script:

ini_set('session.cookie_domain', '.example.com' ); 

回答1:


PHP session ids are saved in Cookies. To make a cookie available in all the sub-domains you need to assign it to the root domain. Then all the sub-domains will get the session id from cookie and PHP can find the session using passed session id.

As it turns out, You just need to set the session.cookie_domain to the root domain in php.ini file

session.cookie_domain = ".example.com"

Also check manual for different approaches used to set an ini entry.




回答2:


1) the subdomains should use the same path to save session files

2) modify your

php.ini session.cookie_domain = ".example.com"

or .htaccess php_value session.cookie_domain .example.com

or inside of the script ini_set('session.cookie_domain', '.example.com' );




回答3:


I found a solution to my problem:

session_name("2620368ghwahw90w");
session_set_cookie_params(0, '/', '.mydomain.com');
session_start();

This appears to work with no problem. Is this a good method with low security risk?




回答4:


Before you create your session in php file, add this line at first line :

<?php
//session cross to sub domain
ini_set('session.cookie_domain', substr($_SERVER['SERVER_NAME'],strpos($_SERVER['SERVER_NAME'],"."),100));



回答5:


you can use cookies. check the path parameter in setcookie() which makes that cookie available for he entire domain. drawbacks to this are people who turn off cookies (private browsing modes)

another method would be by passing the sessionID around using links or hidden <input> fields (for forms).

since separate websites don't share sessions (as far as i know, since subdomains are technically "different places" from eachother), don't use sessions to store on the server side. instead, use a database to handle your sessions. that way, multiple sites can share the same session tracking table.




回答6:


To share the session cookie among subdomains, you have to set the cookie's domain to .example.org (mind the dot).

http://www.php.net/manual/en/session.configuration.php#ini.session.cookie-domain




回答7:


I have been going round with this for a while now and what worked for me is placing the code below:

session_name("some_session_name"); session_set_cookie_params(0, '/', '.some_domain.com'); session_start();

across all the sub-domains that will use the session variables. I set this at the beginning of my index php file and it works. Hope this will make it clear.



来源:https://stackoverflow.com/questions/9153716/sharing-session-variables-between-multiple-subdomains

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!