Session not maintained between mysite.com and www.example.com

Question

I am using a session to maintain some variables between different pages on my site. While it works fine when I move from www.example.com/a to www.example.com/b, the session variables are lost if I move from example.com/a to www.example.com/b

Any idea how I can make sure the session is maintained irrespective of www or no www?

The website appends a www as it navigates to different pages but the pages are accessible without that as well. So if someone is manually typing in an address and omit that part, and then navigate to page b (by clicking on a link or submitting a form), the session variables are lost.

Answer 1

The reasonable way to do it is by redirecting example.com to www.example.com; by that you make sure that all your visitors are in www.example.com, and crawlers won't index two pages with the same content.

You do that by sending a 301: Moved Permanently to users accessing example.com (assuming you use apache, you have to add this to your .htaccess):

Redirect 301 http://example.com/ http://www.example.com/

Second version:

Redirect 301 http://example.com/(.*) http://www.example.com/$1

Sorry, this one is right:

Options +FollowSymlinks
RewriteEngine on

rewritecond %{http_host} ^example.com [nc]
rewriterule ^(.*)$ http://www.example.com/$1 [r=301,nc]

Taken from here http://www.webconfs.com/how-to-redirect-a-webpage.php

Answer 2

you need to make sure the cookie is being set to .example.com not www.example.com using session_set_cookie_params, specifically parameter 3 - the domain in the documentation

Answer 3

The session ID is stored in a cookie. Cookies don't transfer over from subdomain to subdomain (e.g. www.somesite.com to somesite.com). You can change the cookie params with session_set_cookie_params() or in php.ini