3

I'm trying to set my PHP $_SESSION and have it usable across all subdomains. This works fine except when trying to retrieve the session from the root domain (www).

If I initiate the session while on www then it will not share with any sub domain. If I initiate the session while on a sub domain it will not share with www.

I have the session_set_cookie_params (index.php) and session.cookie_domain (php.ini) set correctly to .domain.com

When I echo $_COOKIE["PHPSESSID"] on www I get a string of characters that is different from the string of characters used on all sub domains. All sub domains have the same value for $_COOKIE["PHPSESSID"].

I would like to be able to initiate the session on www and be able to use that session on all sub domains as well. Is there any solution to this?

Thank you for any and all help.

Todd Low
  • 437
  • 1
  • 3
  • 8
  • There's `domain` parameter in `setcookie` - are you explicitly setting that, too? – andrewsi Sep 23 '12 at 15:56
  • Please add you concrete php.ini settings to the question as well as the call and data for `session_set_cookie_params`. That "code" is missing. Also I think this question has been asked earlier, probably this is: [Subdomain Session Issue](http://stackoverflow.com/questions/5458559/subdomain-session-issue) – hakre Sep 23 '12 at 16:10

1 Answers1

3

Try setting a name for the session

session_name("domain");

before setting the session cookie parameters.

session_name("domain");
session_set_cookie_params(0, '/', '.domain.com');
session_start();
HoldOffHunger
  • 18,769
  • 10
  • 104
  • 133
MWC
  • 164
  • 4
  • Why do you name the session “domain”? – Gumbo Sep 23 '12 at 16:10
  • And why do you suggest that to try? What is the reasoning to try that? – hakre Sep 23 '12 at 16:13
  • @Gumbo: you can name it anything. – MWC Sep 23 '12 at 16:45
  • @hakra: because i had ran into a similar problem few months ago. – MWC Sep 23 '12 at 16:46
  • @MWC Renaming the session shouldn’t have any effect on this issue. It’s the cookie’s domain. – Gumbo Sep 23 '12 at 16:54
  • @Gumbo: I am not asking to rename the session. Just set a name for the session. – MWC Sep 23 '12 at 17:03
  • @MWC There is already a [default name for PHP’s sessions](http://php.net/manual/en/session.configuration.php#ini.session.name): `PHPSESSID.` – Gumbo Sep 23 '12 at 17:20
  • @Gumbo [http://php.net/manual/en/function.session-set-cookie-params.php#104678](http://php.net/manual/en/function.session-set-cookie-params.php#104678) – MWC Sep 23 '12 at 17:48
  • @MWC So what? The linked comment just says that session cookie settings do not effect cookies set by `setcookie`. – Gumbo Sep 23 '12 at 18:09
  • @Gumbo I don't know what the actual issue might be. But, setting the session_name fixes the issue. – MWC Sep 23 '12 at 19:32