Reputation: 4701
session.cookie_domain in php.ini - issues with POSTing forms
My main domain: www.domain.com has a cookie which is set as: domain.com.
Once a user clicks the link to visit www.domain.com/login, and they try to log in (through a POST request), this form sets the cookie as www.domain.com (adds the www). This is causing issues with many people because when they submit the login form, the page just refreshes.
For some people, it does this FOREVER (can never submit the form). For others, it's only once - and the 2nd time, it works fine. It also varies by browser...
What is my fix here, I assume I need to enter something into my session.cookie_domain in php.ini - but what is the correct course of action?
Thanks all.
---UPDATE--- Code to set the cookie on the login page:
$expireTime = 60 * 60 * .5; // 30 minute expire time
session_set_cookie_params($expireTime,"/");
session_start();
Upvotes: 0
Views: 993
Answers (1)
Reputation: 1295
You need to explicitly set the domain, without the www, but with the preceding dot, as the third param to that function.
session_set_cookie_params($expireTime,"/", ".yourdomain.com");
This will allow the cookies to work the same regardless of whether the www is present in the actual URL or not. Note that this also applies to any other subdomains you may use, which is usually a good thing, just putting it out there.
Upvotes: 1
Related Questions
- php.ini session.cookie_domain - what to put?
- more than 1 session.cookie_domain in php.ini
- PHP sessions in redis ignores session.cookie_domain configuration
- PHP / Apache how to set session.cookie_domain from outside php.ini
- PHP Multi-Domain Sessions; ini_set Not Working?
- session.cookie_domain not working on all browsers
- session_set_cookie_params() points to the wrong domain
- Proper use of session_start() with session.cookie_domain
- Domain setting not working with php when using setcookie
- PHP cookie writes on incorrect domain