0

I have seen some of the questions that others have asked regarding this same issue but I don't seem to be having much luck in my situation and would appreciate some clarification.

I need to pass a session variable from domain1.com to domain2.com. I have full access to both domains. I am using cURL to have domain1.com/caller.php access domain2.com/receiver.php. Once cURL finishes executing I get a status returned. If that status is good I use header("Location: auto_submit.html") to load a page that automatically submits a form/redirects to domain2.com/test.php. However when the page loads the session variable is not set. Here is what I have in domain1.com/caller.php 

...
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "domain2.com/receiver.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $result[0]);
curl_setopt($ch, CURLOPT_RETURNTRANSFER , true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_COOKIEJAR, '/tmp/cookies.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, '/tmp/cookies.txt');
$curl_result = json_decode(curl_exec($ch));
curl_close($ch);
if ($curl_result->status === 1)
{
    header("Location: ./auto_submit.html");
    exit;
} else {
    foo();
}
...

auto_submit.html just redirects to domain2.com/test.php. What, if anything, do I need on domain2.com/test.php so that it will use the information in the cookie file and will be accessible in $_SESSION?

Ricca
  • 311
  • 4
  • 21
  • is http://stackoverflow.com/questions/3342140/cross-domain-cookies usefull? P.s php session cookie is set per domain. – user993553 May 03 '16 at 23:09
  • In [this answer](http://stackoverflow.com/a/25861695/3377592) there seems to be a way to force it to work by changing the header information. So in `domain1.com` would I include those lines before the cURL call? – Ricca May 03 '16 at 23:24
  • I think many browsers/users have disabled third party cookies.. so perhaps your best option is to move in another direction...? – user993553 May 03 '16 at 23:48

0 Answers0