jNewbie

Reputation: 334

How to make a PHP session work using subdomains and AJAX?

I'm working on a PHP project that uses subdomains, sessions and Ajax. But unfortunately I can't make it work! I'll try to explain:

Let's assume that I'm at this domain: app.mysite.com/index.php

At this domain, I have a form that performs an Ajax request to mysite.com/functions/execute.php (without any subdomain)

In the first line of execute.php, I have a require_once that includes a helper.php file. In this file I have put:

ini_set('session.cookie_domain',  '.mysite.com');
session_set_cookie_params(0, '/', '.mysite.com');
session_start();

All PHP files listed also include the helper.php.

If I for example run:

echo $_SESSION["myValue"];

At app.mysite.com/index.php or any other subdomain, like auth.mysite.com, I'll get the value: "test". But if I run the same code at execute.php and return the value through Ajax, I'll get an undefined index!

What am I doing wrong?

Upvotes: 5

Views: 1758

Answers (3)

jNewbie

Reputation: 334

I already figured out how to make this work. The Ajax POST method does not send the credentials header by default, so we need to enable it manually:

$.ajax({
    method   : "POST",
    url      : "https://example.com/functions/execute.php", 
    data     : myData,
    xhrFields: { 
        withCredentials: true
    }
}).done(function(result) {
    alert("success");
});

And in execute.php you need to put:

ini_set('session.cookie_domain',  '.example.com');
session_set_cookie_params(0, '/', '.example.com');
session_start();
header('Access-Control-Allow-Credentials: true');

And if you request this from a subdomain, you also need to put in example.php:

header('Access-Control-Allow-Origin: http://app.example.com');

Upvotes: 3
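
An added example, not part of the answer above: a helper.php that picks the CORS headers from an exact-match origin allowlist instead of one hardcoded origin, and sets the session cookie with hardened flags. The origin list, the example.com names and PHP 7.3+ (needed for the array form of session_set_cookie_params) are assumptions.

```php
<?php
declare(strict_types=1);
// helper.php (added example). ALLOWED_ORIGINS is an assumed list: put your own subdomains here.

const ALLOWED_ORIGINS = [
    'https://app.example.com',
    'https://auth.example.com',
];

/**
 * Return the CORS headers for a request, or an empty list when the
 * Origin header is absent or not on the allowlist.
 */
function cors_headers(?string $origin, array $allowed): array
{
    // Exact string match only; substring or loose pattern checks would also
    // accept hosts that merely contain an allowed name.
    if ($origin === null || !in_array($origin, $allowed, true)) {
        return [];
    }
    return [
        // With credentials the browser rejects "*", so echo the vetted origin.
        'Access-Control-Allow-Origin: ' . $origin,
        'Access-Control-Allow-Credentials: true',
        // Keep caches from serving one origin's response to another.
        'Vary: Origin',
    ];
}

foreach (cors_headers($_SERVER['HTTP_ORIGIN'] ?? null, ALLOWED_ORIGINS) as $h) {
    header($h);
}

// Answer a preflight without starting a session or running the endpoint.
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'OPTIONS') {
    header('Access-Control-Allow-Methods: POST');
    header('Access-Control-Allow-Headers: Content-Type');
    http_response_code(204);
    exit;
}

session_set_cookie_params([
    'lifetime' => 0,
    'path'     => '/',
    'domain'   => '.example.com',
    'secure'   => true,   // cookie only travels over HTTPS
    'httponly' => true,   // not readable from page scripts
    'samesite' => 'Lax',  // subdomains are same-site, so the Ajax call still carries it
]);
session_start();
```

These headers only decide whether the calling page may read the response; the request itself is still processed with the session cookie, so a state-changing endpoint needs its own CSRF check.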

Prajwal

Reputation: 419

If your project is a web-based application, you can easily set a cookie/session on all domains with a simple trick. I am sure this works for cookies, but I have never tried it with sessions. Let's do what Google is doing. Create a PHP file that sets the cookie on all 3 domains. Then on the domain where the theme is going to be set, create an HTML file that loads the PHP file that sets the cookie on the other 2 domains. Example:

<html>
   <head></head>
   <body>
      <p>Please wait.....</p>
      <img src="http://domain2.com/setcookie.php?theme=whateveryourthemehere" />
      <img src="http://domain3.com/setcookie.php?theme=whateveryourthemehere" />
   </body>
</html>

Keep those img elements hidden so that they will not show any broken image in the front end if the page is visible to the user. Then add an onload callback on the body tag. The document will only finish loading when the images have completely loaded, that is, when the cookies are set on the other 2 domains. Onload callback:

<head>
   <script>
   function loadComplete(){
      window.location="http://domain1.com";//URL of domain1
   }
   </script>
</head>
<body onload="loadComplete()">

We set the cookies on the other domains using a PHP file like this (setcookie.php):

<?php
if(isset($_GET['theme'])){
   setcookie("theme", $_GET['theme'], time()+3600);
}
?>

Now cookies are set on the three domains :) and with a web application you know how to retrieve a cookie :)

Of course you may need to tweak this code as per your requirements. But this will definitely give you an idea of how to proceed.

Hope this helps

Upvotes: 1
