I'm currently using the following JavaScript to send POST data to a website of mine:
example1.com:
function buttonFunction() {
$.post("http://example2.com/core/file.php",{username:username, password:pword, coins:coins}, function(data) {
// Stuff
});
}
Then within file.php on example2.com I have the following to save and read a session:
<?php
namespace Penguin;
session_start();
if(isset($_SESSION['money_maker'])) {
echo "Cannot run.";
} else {
$_SESSION['money_maker'] = getmypid();
echo $_SESSION['money_maker'];
echo "Running.";
}
header('Access-Control-Allow-Origin: http://example1.com');
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS');
header('Access-Control-Max-Age: 1000');
header('Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With');
date_default_timezone_set('America/New_York');
error_reporting(0);
// REST OF THE PHP CODE
?>
As one can see, I set a session (if one has not already been set), and then if the session is already set, the script will echo "Cannot run."
However, the script never echos "Cannot run." even if I set the session on the previous AJAX run. In other words, the session is not being "saved." It always outputs "Running."
HOWEVER, in /var/lib/php5 it seems like the session files are being created, yet there are no cookies for the session in my browser. So when I try to test against $_SESSION['money_maker'] in my PHP file, it always outputs that it is NOT set. Any help?
EDIT 1:
It seems like the problem lies in the AJAX request. When I tried to run the script directly, the session was saved perfectly fine (and the cookie was created). It seems like when I try to send a POST request to the PHP file via AJAX from my different domain, the session is set (a session file is created in /var/lib/php5), but the cookie for the session is not created.
With that being the case, is there any fix?
