session_start(); isn't serving its purpose

Question

I print the name of logged users from database throughout the domain and sub-domains.

To pass session from one page to another in domain I use the function

session_start();

which serves its purpose perfectly on PHP server of one host but it's not working at all on the application server of the other host.

Similarly, to pass session from one page to another between domain and sub-domains I use the function

session_set_cookie_params

That serves its purpose perfectly on PHP server of one host but it's not working at all on the application server of the other host.

current session configuration on PHP server of the other host is as following:

session.auto_start   Off
session.cookie_path  /
session.save_path    /tmp

I'm using the exact same application in two different sites with separate hosts. What's going wrong with the application server configuration of the other host?

Example:

one page to another page in www.mysite.com itself and between www.mysite.com, www.sub1.mysite.com and www.sub2.mysite.com

I might be in the wrong direction here, but have u checked PHP's safe_mode option? — DaGhostman Dimitrov, Jul 04 '13 at 15:06
you want to share php session between: `www.yourapplication.com` to `www.myotherhost.com` ? Or you mean subdomains? `sub1.domain.com` and `sub2.domain.com` ??? — Tomás, Jul 04 '13 at 15:07
In my understanding, the session is for one host only. If you want to implement such feature, you will have to implement a way to pass the information of the session from a server to another. Look at http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language SAML — Bertrand, Jul 04 '13 at 15:08
@Tomás, from one page to another page in www.myhost.com itself and between www.myhost.com, www.sub1.myhost.com, www.sub2.myhost.com..., thanks, — Klanto Aguntuk, Jul 04 '13 at 15:11
http://stackoverflow.com/questions/1064243/php-sessions-across-sub-domains — Tomás, Jul 04 '13 at 15:20
@Tomás, session is already working perfectly in one of my sites i'm hosting with one host. i have edited my question. — Klanto Aguntuk, Jul 04 '13 at 15:23
@Bertrand thanks, but i guess i was unable to make you understand my question. i have edited my question. — Klanto Aguntuk, Jul 04 '13 at 15:24
If this two different sites share the same database, then maybe you can have a way of sharing the session using the database. — Tomás, Jul 04 '13 at 15:37
@Tomás that's not it. it's about the application server configuration of two different hosts. — Klanto Aguntuk, Jul 04 '13 at 16:04

score 0 · Answer 1 · answered Jul 04 '13 at 16:09

0

By default, cookies only apply to exact domain matches. As PHP sessions rely on those, the same rules apply.

You can alter the settings PHP uses for sessions using session_set_cookie_params or the related ini configurations.

session_set_cookie_params(3600*24, '/', '.mysite.com');

Note the leading dot on the domain to indicate all subdomains apply.

answered Jul 04 '13 at 16:09

Louis-Philippe Huberdeau

5,341
1
19
22

can't i use it like `$session = session_name("session"); session_set_cookie_params(3600*24, '/', '.mysite.com'); session_start();` in a file itself? Thanks, – Klanto Aguntuk Jul 04 '13 at 17:06
I don't understand your follow-up question. – Louis-Philippe Huberdeau Jul 05 '13 at 12:48
i mean can't i use the above block of code inside a file itself instead of ini configuration? by the way what is the right `PHP_INI_* modes` where i can set the entry as suggested by you? thanks, – Klanto Aguntuk Jul 05 '13 at 17:54
Sure. I only mentioned it was also possible to do it from the ini configurations. As long as the calls are made before session_start(), it will do the exact same thing. – Louis-Philippe Huberdeau Jul 05 '13 at 19:10

session_start(); isn't serving its purpose

1 Answers1