Page 1 of 1
$_SESSION Cookie
Posted: Fri Apr 30, 2010 6:35 pm
by Plxply
Hello,
I currently have a basic login system set up where once the user has been authenticated their UID is stored in a $_SESSION variable, however I'm having the issue where if the user access my site through example.com rather than
www.example.com they would be issued another cookie with a different session ID. Is there a way to make the session cookie apply to both example.com and
www.example.com? Or at least a way to detect if my site has been accessed this way and redirect appropriately?
Thanks for your help,
Re: $_SESSION Cookie
Posted: Fri Apr 30, 2010 6:44 pm
by mecha_godzilla
You could use the $_SERVER["REQUEST_URI"] value to do this. You might want to think about regenerating the session_id after the user has been authenticated anyway (as this is a good practice) and you can then redirect the user's browser using the correct URL format (so they can log-in at either domain.com or
www.domain.com but will always be redirected to
www.domain.com).
HTH,
Mecha Godzilla
Re: $_SESSION Cookie
Posted: Fri Apr 30, 2010 7:06 pm
by Plxply
Thanks for your advice regarding the regeneration of the session ID mecha_godzilla!
Although I fail to understand how $_SERVER['REQUEST_URI'] will allow me to see if they have access example.com or
www.example.com as it just appears to show the file which was accessed for example /index.php. Am I doing something wrong, and if so would it be possible for you to provide me with a quick code snippet that would allow me to detect this and redirect as appropriate.
Re: $_SESSION Cookie
Posted: Fri Apr 30, 2010 7:18 pm
by mecha_godzilla
Erm...you might want to try this instead:
$_SERVER['SERVER_NAME']
or even:
$_SERVER['HTTP_HOST']
or even:
$_SERVER['SERVER_ADDR']
See this article to see what the difference is between the first two and why you might not want to rely on SERVER_NAME:
http://shiflett.org/blog/2006/mar/serve ... -http-host
Not sure what the difference is between SERVER_NAME and SERVER_ADDR, so will look into this shortly.
Apologies for the misinformation. Apparently it's been a bit of a long night for some people - off to bed for me I think
M_G
Re: $_SESSION Cookie
Posted: Fri Apr 30, 2010 7:39 pm
by Plxply
Thanks for your help, the solution you have suggested works perfectly.