0

I have a domain myexampledomain.com with some subdomains in it.

So I set

session.cookie_domain = .myexampledomain.com

and everything works fine for the domain and all the subdomain.

But this is set in php.ini so it is at server level. Now I want to configure a new domain on the same server. Say myotherdomain.com. I want this other domain to handle its own cookies without mixing with myexampledomain.com

This question is about sharing the cookie between the two domains, I want it to be the opposite. How can I do it? The two domains have indipendent login systems and once the user is logged in a cookie is set. I want to set both cookies but each of them should be valid only for that domain. How should I change the php.ini for that? I think that session.cookie_domain = .myexampledomain.com will prevent to set cookies for myotherdomain.com

EDIT: I know how to handle this on the lower level (code level - php files) but I want to understand if there is a way to handle this at php.ini level (if this is feasible)

Lelio Faieta
  • 6,457
  • 7
  • 40
  • 74
  • Do not force it in the file (leave it blank), force it in the code, using https://www.php.net/manual/en/function.session-set-cookie-params.php. Each domain's files include a small PHP file to set that up for it's own context. It says *Set cookie parameters defined in the php.ini file. The effect of this function only lasts for the duration of the script. Thus, you need to call session_set_cookie_params() for every request and before session_start() is called.* – Nic3500 Apr 29 '21 at 02:40
  • Or set the domain explicitly in the call to setcookie() – Nic3500 Apr 29 '21 at 02:43
  • @Nic3500 thanks, I know this alternative. The question is different: is there a way to do it using php.ini? It is a specific question and the answer may also be "no". – Lelio Faieta Apr 30 '21 at 09:42
  • Hi, turns out you can (I did not think so). Look at https://www.howtoforge.com/how-to-specify-a-custom-php.ini-for-a-website-apache2-with-mod_php – Nic3500 May 02 '21 at 04:24
  • @Nic3500 thanks. This is very usefull, will try it. – Lelio Faieta May 03 '21 at 08:11
  • @Nic3500 no, actually you can't. Each Apache2 instance can use only one php.ini so only first PHPINIDir directive honored per configuration tree - subsequent ones ignored. It is possible using php_value directive inside vhost configuration specifying each value to be changed (luckily for me it is just one) – Lelio Faieta Jun 03 '21 at 08:22
  • ok thanks for letting me know. so you would be stuck with many instances of the whole suite (apache + php)... I will keep an eye out if you ever post some solution. – Nic3500 Jun 03 '21 at 18:49
  • if you read my last comment there is already a solution posted. Not for the whole php.ini but to ovrerride single parameters – Lelio Faieta Jun 04 '21 at 13:46

0 Answers0