|
Posted by wombat on 01/21/07 06:45
In article <54555$45b2c877$8259c69c$9783@news1.tudelft.nl>,
"Rik" <luiheidsgoeroe@hotmail.com> wrote:
> wombat wrote:
> > I have a problem with a page that allows you to log into my site. The
> > site is in a subdomain. However, to eliminate some of the problems
> > I've had I link everything through http://www.***.com/home/index.php
> > instead of using http://home.***.com/index.php.
> >
> > The problem I'm now encountering is this:
> >
> > The sessions appear to be dependent on the url. Testing the code on
> > the first version (http://www.***.com/home) works and I can log in.
> > While I'm logged in by accident I entered the site through the
> > domain. Same page but the url is (http://home.***.com) - the session
> > is gone. However, it still exists if I enter without the subdomain.
> >
> > Again, the code works..... it just appears to me that a session is
> > depending on the url being the same.
> >
> > Are sessions url dependent? If so, is there a work-around?
>
> Cookies are host dependant (with an optional path).
> home.*.com is not the same host as www.*.com
>
> Carrying on sessions between domains is therefor not possible by cookie.
> The only workaround is carrying over the session_id by a POST or GET
> variable, and it may be necessary to write your own session_handler,
> instead of the default one in PHP, so you can still collect previously set
> session-data. This is not recommended, but possible.
>
> I'd say I'm interested what the 'certain problems' were that you had to use
> this contruction, it may be easier to fix those :-)
The main problems I had occurred when I tried to create a "base" html
link to my site using:
$base="http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];
This way anytime I wanted to redirect back to the same page, all I would
need to do is:
href="$base"
That created problems with the home subdomain. So I simply used the
following instead:
$base="http://www.*.com/home/index.php";
This worked.. until I discovered (and the reason why I posted in the
first place) that sessions appeared to be dependent on the url.. which I
actually did read about (php.net) but had forgotten up until this point.
I want to allow family to create their own accounts on my site, to be
able to log in with their own data. Thought PHP would be the best route.
Thought I had everything figured out until this popped its ugly head up.
[Back to original message]
|