PHP read a cookie that is on another domain

Question

I have two domains. One domain contains the login script. It creates a cookie when logged in. Another domain have a URL shortener.

So, on the 2nd domain that have the URL Shortener script have a file called session.php. Usually I was using $_COOKIE['sessionid'] to get the session id and match it using database.

How can I get the session id now? I have tried few ways but none of them have solve my problem.

Answer 1

Just while setting cookie from the login page set the cookie to entire domain like this

setcookie("c","value",time()*3600*24,"/");

in this way you can set cookie to your entire domain.

Answer 2

Cookies are sent by the browser and only to the domain, the cookies were set for.

There is not much (meaning nothing ;) ) you can do.

But if your domains are two different subdomains (e.g. login.yourdomain.com and shortener.yourdomain.com) you just have to set the domain name accordingly to make the cookie valid for all subdomains.
In this case, it would be .yourdomain.com.

You might want to read the documentation of setcookie().

---

Maybe it is better if you clearly describe what you want to accomplish. Probably there is another solution that does not involve cookies.

Answer 3

Have you considered using a SSO implementation?

http://www.jasig.org/cas

http://en.wikipedia.org/wiki/Single_sign-on

We use it at work, it's awesome! It means we don't have to worry about these types of problems.

Answer 4

You can't. Cookies are bound to a single domain. You can use cookies across multiple subdomains though.

Answer 5

You can't read a cookie from the other domain.
though there are several ways to pass a session id. You can search SO for the cross-domain authorization

The easiest way is to pass a session id via query string

Answer 6

For obvious security reasons, you can't read a cookie that belongs to another domain. You can do it across sub-domains though.

Why not append the session id to the forwarded URL?