FlamingMoe
Reputation: 2994
PHP sessions destroy across sub domains
This could be the sequel of this question: PHP Sessions across sub domains
I have a successful multi-domain session simply using this:
session_set_cookie_params(0, '/', '.domain.com');
session_start();
The problem is when I try to logout from domain.com. I have tried everything for logout, even all this, as suggested in PHP session_destroy() manual:
// Unset all of the session variables.
$_SESSION = array();
// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}
But it's not working. The session is still alive when I visit subdomain.domain.com.
How can i do it?
Thank you!
Upvotes: 0
Views: 2857
Answers (1)
sdolgy
Reputation: 7001
Did you see if the session is started before you try to destroy it?
if (!isset($_SESSION)) session_start();
if (isset($_COOKIE['auth_token'])) {
remove_token($_COOKIE['auth_token']);
setcookie("auth_token", "", time()-3600, "/", ".domain.com");
}
session_destroy();
This is working code from my environment. Hope it helps.
Upvotes: 0
Related Questions
- Allow PHP sessions to carry over to subdomains
- PHP: SESSION lost on SUBDOMAIN
- PHP session interfering with sub-domain session
- PHP session is getting reset between subdomains
- Sessions not being set on different subdomains
- Why can't I pass user sessions between subdomains?
- Sessions and subdomains
- Maintaining Session Variables across Subdomains
- $_SESSION across subdomains
- Subdomain Session Issue