PHP Session fails on sub-domains

Question

So I had a login/session system set up that worked perfectly for a good while. However, within the last few days the sessions fail to carry to the sub-domains.

I have been using the following above the session_start call:

session_set_cookie_params(0, '/', '.domain.com');

Again, this worked fine. You could log in at the base domain then move to a sub-domain and the session carried over. Or you could log in at a sub-domain and move to others fine. Example:

• Login at domain.com works
• Move to subdomain.domain.com does not
• Move to domain.com/subdomain works

No changes have been made at all to this script. It just fails. Perhaps the host is responsible?

EDIT: Even if you log in on the sub-domain, the PHP session is created but doesn't work. No $_SESSION array data works, etc., though you can see the PHP session in the browser's cookies.

Answer 1

Fixed it. It seems my session.save_path in PHP.ini was set to /tmp which, for whatever reason, wasn't letting my subdomains work or access the session files.

I changed the PHP.ini to a new folder in the html hierarchy and it worked.

Still using the session_set_cookie_params(0, '/', '.domain.com'); and all my previous settings. So my code was fine, somehow the save path stopped working. Very odd.

Answer 2

Try using ini_set() function, like:

ini_set('session.cookie_domain',
substr($_SERVER['SERVER_NAME'], strpos($_SERVER['SERVER_NAME'],"."),100) );

Or try using .htaccess

php_value session.cookie_domain .domain.com

OR try setting secure param to false , like

session_set_cookie_params(0, '/', '.domain.com', false, false);