|
|
Posted by Marek Kilimajer on 05/13/05 11:06
Richard Lynch wrote:
> On Thu, May 12, 2005 6:58 am, Shaun said:
>
>>$_SERVER['HTTP_HOST']
>>
>>"Mbneto" <mbneto@gmail.com> wrote in message
>>news:5cf776b80505120435724fab@mail.gmail.com...
>>Hi,
>>
>>I need to access a website (written in php) using two different
>>domains (www.foo.com and www.bar.com). I must see the same content.
>>
>>Since the site uses session and cookie variables I was wondering if
>>(and how) it's possible to create a session id that is valid for the
>>domains I'll be using...
>
>
> There is no built-in way to just tell the browser that it's okay for
> cookie X to work for both foo.com and bar.com
>
> You will have to write some code that passes the cookie name/value between
> foo.com and bar.com
>
> You might have a special script like 'propogate_cookie.php' something like:
> <?php
> $var = $_REQUEST['var'];
> $value = $_REQUEST['value'];
> setcookie($var, $value);
> ?>
>
> Put this on both servers, and then when somebody surfs to foo.com you do:
> <?php
> session_start();
> $file = file("http://bar.com/propogate_cookie.php?var=PHPSESSID&value="
> . session_id());
> ?>
The above will deadlock. session_start() locks the session file, then
you try to read from http://bar.com/propogate_cookie.php, this script
will try to use the same session file, but it will be never unlocked.
Propagating session id in url when linking across domains and having
common session storage is completely sufficient. If you are concerned
user might browse to the other domain by other means than using a link
from the first domain, you can use a 1x1 pixel image linking to the
other domain with session id in url.
Navigation:
[Reply to this message]
|