9

I am currently developing two web sites, and debugging them by connecting to localhost.

The first site is referenced with http://localhost/web1 and the second is referenced with http://localhost/web2.

I have created a login script for each in which three domain-specific session variables are set, e.g.:

  1. $_SESSION['web1_user']
  2. $_SESSION['web1_login']
  3. $_SESSION['web1_sessionID']

However, when I log in to both sites on the same browser, then log out of one site (which fires session_destroy(), I am automatically logged out of the second site as well.

Any ideas as to how I might resolve this problem would be very much appreciated. :(

Troy Alford
  • 26,660
  • 10
  • 64
  • 82
guri
  • 662
  • 2
  • 8
  • 26
  • 1
    Don't use session_destroy for this case. Instead, unset the session keys for each website in particular. – oxygen Oct 15 '12 at 06:32
  • If you don't want to edit your code as the solution below point out, which are good btw. I would suggest you take a look at creating virtual hosts and editing your host file. This way you can fake that you are working on fully qualified domain names for both applications, where the domain names are different. This would solve your localhost problem in an instant. – bkwint Oct 15 '12 at 06:41

9 Answers9

9

Ahhh, the pleasures of shared hosting! The best thing to do is simply use a different browser for each site whenever you actually require being logged in to both sites simultaneously...

To explain why this is important, you must understand the following, however:

Session variables are stored on the server, with a keyed reference on the server and a cookie on your browser. Once you unset and destroy either of the two, a match can no longer be made - and your session is gone!

session_start();
session_unset();
session_destroy();

The above will kill all session variables linking the server to your browser (on the server side).

The way to manage this easily is to make session variables into another set of arrays:

$_SESSION["site1"] = array( $user_id, $session_id );
$_SESSION["site2"] = array( $user_id, $session_id );

You could of course make it fancy:

$_SESSION['site3']['userID']    = 'someuserid';
$_SESSION['site3']['sessionid'] = 'somesessionid';

Then when you logout from site 1

session_start();
unset($_SESSION['site1']);

In this case, you have created a separate session management system for each site (using a two-dimensional array, the top layer of which is keyed by your site's identifier). This makes it so that each site manages a separate set of session variables - and when you destroy one, you do not touch the others.

However, I realllllllllly recommend using different browsers instead (or in addition)...

Troy Alford
  • 26,660
  • 10
  • 64
  • 82
ParadoxWs
  • 213
  • 2
  • 7
3

I recently solved a problem which is related to your question. Originally, I was looking for an implementation similar to what you are describing, and after doing quite a bit of searching around - this is what I came up with:

Site 1 :

ini_set("session.cookie_domain", "yourdomainname");
$some_name = session_name("some_name");
$domain = 'your domain name';
session_set_cookie_params(0, "/", $domain);
session_start();
$_SESSION['user']=$_POST['user'];
$_SESSION['password']=$_POST['password'];

Site 2 :

$some_name = session_name("some_name");
ini_set('session.cookie_domain', 'yourdomainname');
session_start();
echo $_SESSION['user'];
echo $_SESSION['password'];

This change worked well for me - and my guess is that it will also help you.

Troy Alford
  • 26,660
  • 10
  • 64
  • 82
J.K.A.
  • 7,272
  • 25
  • 94
  • 163
1

Use 

session_name('web1');

before session_start();

Hkachhia
  • 4,463
  • 6
  • 41
  • 76
Amit Garg
  • 3,867
  • 1
  • 27
  • 37
0

Set a different session name in each app, either via session_name() or via session.name.

Ignacio Vazquez-Abrams
  • 776,304
  • 153
  • 1,341
  • 1,358
0

you can use this

ini_set("session.cookie_domain", ".example.com");
StaticVariable
  • 5,253
  • 4
  • 23
  • 45
0

You need to make a different host for different site

in this case you have two site running on same host called localhost so for same host name sessions are shared.

HVKotak
  • 258
  • 5
  • 12
0

Include the file with the session start in the second domain.

web1 contains the session start file, web2 include('../web1/session.php');

John Smith
  • 49
  • 5
-1

You can use different session name in all website like for first website you have used $_SESSION['web1_user'], $_SESSION['web1_login'], $_SESSION['web1_sessionID'] then second website you can use $_SESSION['web2_user']

I have already face this problem and solved it using different name of session.

Hkachhia
  • 4,463
  • 6
  • 41
  • 76
-2

Bez sessions are shared in the same browser, so if you logout from one tab, the other tabs will be logged out,

Example: I login in Chrome, and I open in another Chrome, the Sessions are shared, so if i logout from one, the other one gets logged out automatically!

meWantToLearn
  • 1,691
  • 2
  • 25
  • 45