php cross domain session problem

Question

I am using wamp and i have setup a subdomain on localhost using wamp and when i go from localhost to subdomain.localhost the sessions from localhost doesnt work.

However, i searhed a bit and found that i may need to add

session_set_cookie_params(0, '/', '.localhost');

before

session_start();

but it seems it doesnt work.

Could it be vhosts problem?

this is how i have set up httpd-vhosts.conf

NameVirtualHost *:80
<VirtualHost *:80>
    DocumentRoot c:/wamp/www/
    ServerName localhost
</VirtualHost>
<VirtualHost *:80>
    ServerAdmin admin@test
    DocumentRoot "C:/wamp/www/sub/"
    ServerName  sub.localhost
    ServerAlias *.localhost
</VirtualHost>

score 2 · Answer 1 · edited May 23 '17 at 12:12

2

Here are 3 options.

Place this in your php.ini:

session.cookie_domain = ".example.com"

In your .htaccess:

php_value session.cookie_domain .example.com

As the first thing in your script:

ini_set('session.cookie_domain', '.example.com' );

From: Allow php sessions to carry over to subdomains

edited May 23 '17 at 12:12

Community

1
1

answered Jun 08 '11 at 11:06

Michael Robinson

29,278
12
104
130

i am trying to get it work on localhost, so i changed the domain to .localhost but it still doesnt work. – stergosz Jun 08 '11 at 11:08
the htaccess code goes on localhost htaccess or sub.localhost htaccess? – stergosz Jun 08 '11 at 11:09
Try changing your VirtualHost to localhost.local, or something like that (and adding a hosts entry for 127.0.0.1 localhost.local as well) – Michael Robinson Jun 08 '11 at 11:14
i changed ServerName on first virtualhost and still no luck, also added the htaccess code on both domain and subdomain and still no luck, a thing i noticed on live server is that the sessions domain is on .domain.com but on localhost it creates one on discuss.localhost and localhost without a (.) dot – stergosz Jun 08 '11 at 11:18
@fxuser Sorry, I meant: make both them use the root domain: `localhost.local` (i.e. something more than just `localhost`). I have a *possibly wrong* suspicion that it's not liking your TLD-less domain. – Michael Robinson Jun 08 '11 at 11:18
i changed both servernames where localhost to localhost.local but still no luck, also when i go to subdomain.localhost, it shows that the page does not exist and i have to go to subdomain.localhost/index.php to make it work.. i dont know if this is related to the problem... – stergosz Jun 08 '11 at 11:22
since i wanna try to make it work at localhost i found a way by creating a double session with phpsessid pointing to sub.localhost, is there any command to create 2 same sessions? one to localhost and the other to sub.localhost – stergosz Jun 08 '11 at 12:26

score 0 · Answer 2 · answered Jun 08 '11 at 12:39

Michael Robinson's answer is correct in that this is how cookies are supposed to work - however IME, implementations vary by browser. For a portable solution you should look at an SSO type approach.

If you want to rebind a session on the target machine rather than creating a new one (NB this is very bad practice)....

<?php
if ($_GET['remote_session_id']) {
  session_id($_GET['remote_session_id']);
}
session_start();

php cross domain session problem

2 Answers2