-1

I have a php app done in a custom framework (similar to CodeIgniter) which has a session.

The session cookie has root as path.

app

App url: sub.domain.com/admin/index.php

App dir path: 'public_html/admin/index.php'

Here $_SESSION is fine, with all the data.

...

I created a new directory: public_html/new/index.php

When viewing this new page, the session cookie is still there, but $_SESSION is empty.

  1. What could be the explanation?

  2. Could I get $_SESSION data otherwise?

Lemures
  • 474
  • 5
  • 11
  • 1
    Possible duplicate of [Allow php sessions to carry over to subdomains](https://stackoverflow.com/questions/644920/allow-php-sessions-to-carry-over-to-subdomains) – Classified Aug 03 '18 at 08:17
  • @Classified I don't think this has anything to do with the subdomain – Lemures Aug 03 '18 at 08:18
  • Have you tried the solution in the link I provided? – Classified Aug 03 '18 at 08:19
  • @Classified I edited the question. Kindly, check it. – Lemures Aug 03 '18 at 08:42
  • Why is part of your cookie name “dynamic”? Where is _that_ info stored, so that the next script would know what cookie to look for to pick up the session? _“Could I get a cookie doing something like $_COOKIE['old_cookie_*'] ?”_ - no. You could loop through all cookies and check if you find on that matches this “format” - but what sense would that make eventually? If you are using this “dynamic” part of the cookie name to increase security somehow(?), then such a “wildcard match” would undo that again right away. – CBroe Aug 03 '18 at 08:49
  • @CBroe The app is not made by me and the idea is for me not to touch the code inside it. I think the app works just by using ajax calls, that why the dynamic cookie works fine. – Lemures Aug 03 '18 at 08:57
  • _“the app works just by using ajax calls, that why the dynamic cookie works fine”_ - I don’t see how that would explain how the server-side scripts would know which session cookie name to look for …? – CBroe Aug 03 '18 at 09:01
  • @CBroe It seems the number is calculated from the licence key and it seems it is not really dynamic, as I can get the name now (sorry). But still, I have **p2** which I don't understand. – Lemures Aug 03 '18 at 09:14
  • Well regarding that you will have to do some more debugging then; can’t expect us to be able to say much about a “custom framework” we don’t know the first thing about. – CBroe Aug 03 '18 at 09:15

1 Answers1

0

The answer to the original question is the following:

Both of these work:

session_name('old_session_name');
session_start();

// OR 
session_id($_COOKIE['old_cookie_231']);
session_start();
Lemures
  • 474
  • 5
  • 11