0

Is it possible to set session variable on php site for example B.com by calling CURL request from another php site for example A.com?

Here is a code, which sending post request from A.com to site B.com/extAuth.php

<?php
session_start();
$url = 'http://B.com/extAuth.php';
$params = array(
  'login' => 'login',
  'pwd' => 'pass'
);

$ch = curl_init();
$curlConfig = array(
   CURLOPT_URL            => $url,
   CURLOPT_POST           => true,
   CURLOPT_RETURNTRANSFER => true,
   CURLOPT_POSTFIELDS     => $params,
   CURLOPT_FOLLOWLOCATION => true,
   CURLOPT_COOKIESESSION => true,
   CURLOPT_COOKIEJAR => 'cookie.txt',
);
curl_setopt_array($ch, $curlConfig);
$result = curl_exec($ch);

curl_close($ch);
?>

Script on extAuth.php just set a SESSION['login'] = true. But when i open site B.com after sending this request from CURL, SESSION['login'] is undefined.

<?php
session_start();
if(isset($_POST['login'])&&($_POST['pwd'])){
   //aditionall logic here
   $_SESSION['login'] = true;
}
?>

But when i try send this request by ordinary html form placed on A.com site, SESSION variable is set. Here is code of form placed on A.com site.

<form action="http:B.com/extAuth.php" method="POST">
    <input type="text" name="login" id="login" value=""></td>
    <input type="password" autocomplete="off" name="pwd" id="pwd" value="">
    <input class="btn" id="btn_login" value="Login" type="submit">
</form>

Anybody know what i am doing wrong?

user1343294
  • 1
  • 3
  • have a look at: http://stackoverflow.com/questions/1339984/cross-domain-php-sessions and http://stackoverflow.com/questions/1064243/php-sessions-across-sub-domains/1064278 – Vedant Terkar Jun 29 '14 at 06:49
  • thx for reply but first post is for cookie issue not working with session and second link is for subdomain, i am not sure that it is work with totally different domain – user1343294 Jun 30 '14 at 10:26

0 Answers0