1

I've got a problem. I hope you'll help me to solve it.

I'm creating chat with LONG POLLING. To keep main domain ajax requests (send message) untouched (unqueued), I had to put my long-polling script to subdomain. So I've got 2 "domains"

foo.cz channel.foo.cz

I do not mind about any Same Origin Policy right now as I put 

header("Access-Control-Allow-Origin: *");

at top of that script. I also do use 

ini_set('session.cookie_domain', '.foo.cz');

in all scripts (sending, receiving, chatting room).

For debugging, i've got this in my channel.foo.cz/getNews.php: 

print_r($_SESSION);
print_r($_COOKIE);
die();

My problem is:

  1. I do load chatting room
  2. Ajax (jquery) requests channel.foo.cz/getNews.php

  3. getNews.php returns this:

    array()array()

  4. It look that cookies and session isn't setted up. But! If I look into my FF cookie browser, I do see that domain for these cookies set in chatRoom is .foo.cz

  5. If I try to copy ajax request uri and paste it into browser url, it returns me

    array([username] => martin)array([SESSID] => some1D65a4s6d54asd)

How is that possible? Sorry for long question and thanks for all answers!

genesis
  • 50,477
  • 20
  • 96
  • 125

2 Answers2

1

You need to look at session_set_cookie_params function's third parameter. It sets the domain name where the cookie with SID is valid in.

Ondřej Mirtes
  • 5,054
  • 25
  • 36
  • I said that there is ini_set('session.cookie_domain', '.bidmanie.cz'); When I look into FF cookie browser I see correct domain. I now noted that jquery DOES NOT SEND SESSION ID, so I'm receiving new session ID everytime! – genesis May 22 '11 at 20:21
  • So it looks like rather some Javascript or jQuery bug. – Ondřej Mirtes May 22 '11 at 20:38
  • I tried this: .ajax({timeout: 52000,headers: {Cookie: "PHPSESSID="+SSID},url:'http://channel.foo.cz/getNews.php?__='+SSID}); but request header doesn't change (no cookie: header specified) – genesis May 22 '11 at 21:51
  • BTW Ondeji, could you give me some contact, like Skype? I would like if you could help me directly, we're speaking in same language (CZ) ;) – genesis May 22 '11 at 21:53
  • 1
    No, sorry. I don't like giving my private contact info, because you have much bigger probability of getting the answer if you ask on a public site like SO. Also, I like to answer questions voluntarily and not if I'm forced to by asking directly on IM. Thanks for understanding. – Ondřej Mirtes May 23 '11 at 12:48
  • Thats ok. But I tried much networks and forums, nobody helped me. I think you're my last chance :/ – genesis May 23 '11 at 13:20
1

I've got it. Browser is restricting to send cookies to another subdomain So I have used iframe which is sending request to my subdomain. However, there were some problem when there were vanishing sessions. Solution? php.ini:

suhosin.session.cryptdocroot=Off

suhosin.cookie.cryptdocroot=Off
genesis
  • 50,477
  • 20
  • 96
  • 125