Sessions and Subdomains

Rex__

Hello,

I have a site that uses subdomains. Members log in and then I use session variables to keep them logged in.

The problem is that if someone logs in at http://www.mysite.com and then they go to http://members.mysite.com , their session variables don't seem to work.

Does anyone know how to get around this problem to keep users logged in throughout my site?

Thanks for your help 🙂

Daveyz83

Originally posted by Rex__
Hello,

I have a site that uses subdomains. Members log in and then I use session variables to keep them logged in.

The problem is that if someone logs in at http://www.mysite.com and then they go to http://members.mysite.com , their session variables don't seem to work.

Does anyone know how to get around this problem to keep users logged in throughout my site?

Thanks for your help 🙂

usually u can just append the session ID to the end of the url if u r going to direct user to another sub domain.

matto

I suppose this is due to the fact that sessions use cookies and cookies are strict with the path and domain (for security reasons): website scripts should not be able to read out another site's cookies (even when in a different path on the same domain).

however you can configure this in php.ini and via ini_set:
http://www.php.net/manual/en/ref.session.php
esp.:
session.cookie_path
session.cookie_domain

I have not tried that yet (with normal cookies only), but it may be a useful hint ...