This could be the sequel of this question: PHP Sessions across sub domains
I have a successful multi-domain session simply using this:
session_set_cookie_params(0, '/', '.domain.com');
session_start();
This code is working perfectly and if I visit domain.com or subdomain.domain.com I see the SESSION vars without problems and everything is working :)
The problem is when I try to logout from domain.com. I have tried everything for logout, even all this, as suggested in PHP session_destroy() manual:
// Unset all of the session variables.
$_SESSION = array();
// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}
1) session.use_cookies is ON, and setup correctly in the server 2) That code kills the session in the main domain, but not in subdomain.domain.com 3) $params shows correct information:
Array
(
[lifetime] => 0
[path] => /
[domain] => .domain.com
[secure] =>
[httponly] =>
)
But it's not working. The session is still alive when I visit subdomain.domain.com.
Any help please ! :)
Thank you!
