|
|
Posted by Rik on 10/16/46 11:48
elyob wrote:
> I want to test locally and can't get past my cookie protection, is
> this right? It doesn't seem to work ...
>
> if ($_SERVER['REMOTE_ADDR']=="127.0.0.1") {
> session_set_cookie_params(7200, '/', '.localhost');
> } else {
> session_set_cookie_params(7200, '/', '.domain.com');
> }
From php.net:
-------------------------------------------------------
jordi at jcanals dot net
15-Nov-2004 02:39
Something that has taken me some time to debug: session_set_cookie_params()
does not work when the domain param is just a one level domain, like it was
a TLD.
I have a site in an intranet and our internal domain is .local, so trying to
set the cookie session to the .local domain does not work:
session_set_cookie_params(0, '/', '.local'); // Does not work
In all test I've done, setting the domain only works for SLDs and above:
session_set_cookie_params(0 , '/', '.sld.local'); Does work
This is nothing to do with PHP but the http protocol, witch does not permit
setting cookies for TLDs for obvious security reasons.
-------------------------------------------------------
What if you just use session_set_cookie_params(7200, '/');
Or does this break the rest of the script/gets caught in your
cookie-protection?
Grtz,
--
Rik Wasmus
Navigation:
[Reply to this message]
|