|
|
Posted by Richard Lynch on 05/15/05 06:23
On Sat, May 14, 2005 4:45 am, mbneto said:
> They are in the same machine. My major concern is with security and
> the hability to make sure if a user logs in, or adds something to a
> "shopping cart" in one domain it will be available to the other
> domain.
>
> Can I set call setCookie twice with the same variable name but
> different domain ? I could set the sessionid and call session_start
> with the propagated id when/if a user crosses from one domain to
> another.
No, you can't call setcookie with a domain name AT ALL.
If you could, what would stop you from setting Cookies for *my* site? Or
msn.com? Or Sothebys.com? Then you could just take all their customers'
money, and not need to worry about your own shopping cart.
If you want to transfer Cookies from two domains you control, it's up to
you to do that with your own hack.
It would make a lot more sense to just put all the shopping on one domain,
or have different carts for two domains.
It's more than a little odd to have the same cart on two sites from a user
perspective... Something that's likely to confuse customers, and make
them think your site is insecure if you can't even keep your shopping cart
confined to one site.
--
Like Music?
http://l-i-e.com/artists.htm
Navigation:
[Reply to this message]
|