Reputation: 81
I worked on a web tool that was great and working. I decided to change domain name, so I downloaded everything and uploaded everything on the new domain name.
My login system was really poor, but it worked as follows:
To keep the data between the subdomains, I placed this before assigning $_SESSION values:
ini_set("session.cookie_domain", "client.domain.com");
ini_set("session.cookie_domain", "mods.domain.com");
ini_set("session.cookie_domain", "domain.com");
ini_set("session.cookie_domain", "domain.com");
session_start();
$_SESSION['username'] = Other-code;
Of course, as I changed domain name, I changed "domain.com" with the new domain name.
Sadly, I noticed that it stopped working without any reason.. I already checked all the similar questions here, but even if I follow them and I do the things as I should.. $_SESSION is empty for the subdomain.
If you need any other info, let me know. Thanks in advance!
Upvotes: 0
Views: 251
Reputation: 1579
ini_set("display_errors","on")
on first line to see if there are any errors.
Of the first 4 lines, remove these 3 lines
ini_set("session.cookie_domain", "client.domain.com");
ini_set("session.cookie_domain", "mods.domain.com");
ini_set("session.cookie_domain", "domain.com");
and change the last line to
ini_set("session.cookie_domain", ".domain.com");
After login success and before login call session_regenerate_id()
to change your session id. As suggested by jeroen in php-sessions-across-sub-domains you can also add the below 2 lines prior to session_start
$some_name = session_name("some_name");
session_set_cookie_params(0, '/', '.domain.com');
please keep in mind that if you are going to add the 2 line above, you also need to add them in your login page.
and as a final note, check if there's anything output to browser prior to session_start
, if soyour setting for session will not be active and won't work
Upvotes: 1