Page 1 of 1

Share SESSION variables?

Posted: Thu Apr 27, 2006 6:28 pm
by J_Iceman05
I have 2 different websites that are on the same server. one will be www.name.com and other store.name.com...
I want to be able to share some $_SESSION variables between both sites... is this even possible?
If so, is there a certain command or do I need to try and find some sort of work-around for it?

Thanks in advance for everyone's help.

Posted: Thu Apr 27, 2006 6:57 pm
by RobertGonzalez
If you are using cookie based PHP sessions it might not work. If you used a database sessions system, this would be no problem.

Posted: Thu Apr 27, 2006 7:03 pm
by feyd
Cookie based isn't a problem either. Simply set the domain to ".name.com" (note the leading dot) for the cookie via session_set_cookie_params()

Posted: Fri Apr 28, 2006 12:08 am
by RobertGonzalez
Doh! Totally blanked on that one. In fact, I have used that (recently, I might add :oops: ) on a project I was working.

Where was I on that one? :?

Posted: Fri Apr 28, 2006 12:13 pm
by J_Iceman05
what if I am currently not using a database session system, or cookie based?

Posted: Fri Apr 28, 2006 12:21 pm
by feyd
You'd likely have to manually add the session ID information to the URL for the other site to pick up.

Posted: Fri Apr 28, 2006 6:01 pm
by J_Iceman05
Okay... I don't really want to pass the info through the URL so I tried the cookie thing and it's not working for me, so what do i have wrong?
[php
$CookieInfo = session_get_cookie_params();
session_set_cookie_params($CookieInfo['lifetime'], $CookieInfo['path'], '.name.com', $CookieInfo['secure']);


$CookieInfo['lifetime'] is set to 0, so I have also tried setting it to something else, because i thought that perhaps leaving th www site would delete the cookie or something, but still no luck.
Also, I have made sure that the session_set_cookie_params() is before the session_start() for everything, just like it said on the php.net page

on the store site, I used " $_COOKIE['name_of_cookie'] "... but it comes up as unset or non-existant for the store site...
(http://www.php.net/manual/en/function.setcookie.php says to use $_COOKIE)

I can go back and forth between sites and the www site retains the cookie info... but the store site does not...

Can you help me on what I'm doing wrong?
Thank you

Posted: Fri Apr 28, 2006 6:20 pm
by RobertGonzalez
This was take from the comments on the PHP Manual page that Feyd referenced...
shrockc at inhsNO dot SPAMorg wrote:When setting the path that the cookie is valid for, always remember to have that trailing '/'.

CORRECT:
session_set_cookie_params (0, '/yourpath/');

INCORRECT:
session_set_cookie_params (0, '/yourpath');

no comment on how long it took me to realize that this was the cause of my authentication/session problems...
This was another comment...
jordi at jcanals dot net wrote:Something that has taken me some time to debug: session_set_cookie_params() does not work when the domain param is just a one level domain, like it was a TLD.

I have a site in an intranet and our internal domain is .local, so trying to set the cookie session to the .local domain does not work:

session_set_cookie_params(0, '/', '.local'); // Does not work

In all test I've done, setting the domain only works for SLDs and above:

session_set_cookie_params(0 , '/', '.sld.local'); Does work

This is nothing to do with PHP but the http protocol, witch does not permit setting cookies for TLDs for obvious security reasons.
Maybe there is something that you can do with these comments that will help you?

Posted: Sat Apr 29, 2006 3:13 am
by J_Iceman05
well the trailing '/' I will have to add and see...
but the whole tld, sld thing... i dont know what that is...
Right now, i'm guessing a tld is like ".net" and the sld is like "devnetwork.net"...
oh well... more research to do.

I appreciate your help though. I missed those comments.
Thank you very much Everah and feyd.

Posted: Mon May 01, 2006 1:55 pm
by J_Iceman05
ok... so i did my research on that sld / tld thing, and i was right...
tld (Top-Level-Domain) would be .net part
and sld (Second-Level-Domain) is the devnetwork part

so the domain of my cookies should now be pointing to ".name.com/"
This should allow both the third levels of 'www' and 'store' to access the cookies right?
Well... only 1 cookie is shared between the sites... sometimes...
the rest of the cookies are not shared

It also seems that some cookies i try to set arn't actually getting set...
I use the same function to set all cookies... but sometimes cookies don't get set.
I have even gone into to see if the cookies are set... not just from using the $_COOKIE variable... and i can't find the cookies i want. But i know it goes through the function to set the cookies
... any ideas?
Thanks again.

Posted: Mon May 01, 2006 5:09 pm
by J_Iceman05
ok, so i pretty much left for lunch right after i posted that last one... well i have been back for a little while and have been trying a few things...

also notice i said 1 cookie was shared sometimes... that is because 1 was being shared on friday, but not today (after clearing my cookies)
I just removed the "/" at the end so now the domain is ".name.com" instead of ".name.com/" and the cookies to be getting shared, and some of the ones that weren't being set are now being set (and also shared between the 'store' and 'www' sites)

And I dont know if this is a normal problem but i can't seem to rewrite a cookie... (change the value of a cookie i have already set)

... any ideas on that?
Thanks for any help anyone can give