|
|
Posted by Andy Hassall on 10/30/06 12:31
On 26 Oct 2006 16:54:04 -0700, "magic_hat60622" <magic_hat60622@yahoo.com>
wrote:
>Hi all. I've got an app that dumps a user id into a session after
>successful login. the login page is http://www.mydomain.com/login.php.
>
>If the user visits pages on my site without the www (i.e.,
>http://mydomain.com/foo.php), the session works fine and login state is
>maintained.
>
>If he visits http://www.mydomain.com/foo.php, the app drops the
>logged-in state.
>
>Any idea how to fix this? I'm running php 4.4.1 w/ linux apache.
If you want to force the session cookie to apply to a wider scope, i.e. to
apply for the mydomain.com domain instead of just the host that issued it, then
you can use session_set_cookie_params to set the domain.
This may cause problems if you have other subdomains aside from the "www" one,
unless you really do want sessions shared across all of them.
--
Andy Hassall :: andy@andyh.co.uk :: http://www.andyh.co.uk
http://www.andyhsoftware.co.uk/space :: disk and FTP usage analysis tool
Navigation:
[Reply to this message]
|