 |
 |
Find a programming school near you
php-general | 2005051
Date: 05/14/05
- Next message: Marek Kilimajer: "Re: [PHP] MySql injections (related question)"
- Previous message: Jared Williams: "RE: [PHP] DOMDocument and html doctype"
- In reply to: Richard Lynch: "Re: [PHP] Re: Same sessions / different domains"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Richard Lynch wrote:
>
>
>
> On Fri, May 13, 2005 1:06 am, Marek Kilimajer said:
>
>>Richard Lynch wrote:
>>
>>>On Thu, May 12, 2005 6:58 am, Shaun said:
>>>
>>>
>>>>$_SERVER['HTTP_HOST']
>>>>
>>>>"Mbneto" <mbneto <email protected>> wrote in message
>>>>news:5cf776b80505120435724fab <email protected>
>>>>Hi,
>>>>
>>>>I need to access a website (written in php) using two different
>>>>domains (www.foo.com and www.bar.com). I must see the same content.
>>>>
>>>>Since the site uses session and cookie variables I was wondering if
>>>>(and how) it's possible to create a session id that is valid for the
>>>>domains I'll be using...
>>>
>>>
>>>There is no built-in way to just tell the browser that it's okay for
>>>cookie X to work for both foo.com and bar.com
>>>
>>>You will have to write some code that passes the cookie name/value
>>>between
>>>foo.com and bar.com
>>>
>>>You might have a special script like 'propogate_cookie.php' something
>>>like:
>>><?php
>>> $var = $_REQUEST['var'];
>>> $value = $_REQUEST['value'];
>>> setcookie($var, $value);
>>>?>
>>>
>>>Put this on both servers, and then when somebody surfs to foo.com you
>>>do:
>>><?php
>>> session_start();
>>> $file =
>>>file("http://bar.com/propogate_cookie.php?var=PHPSESSID&value="
>>>. session_id());
>>>?>
>>
>>The above will deadlock. session_start() locks the session file, then
>>you try to read from http://bar.com/propogate_cookie.php, this script
>>will try to use the same session file, but it will be never unlocked.
>>
>>Propagating session id in url when linking across domains and having
>>common session storage is completely sufficient. If you are concerned
>>user might browse to the other domain by other means than using a link
>>from the first domain, you can use a 1x1 pixel image linking to the
>>other domain with session id in url.
>
>
> I was actually thinking of foo and bar as totally separate machines when I
> typed that, mostly.
>
> But I'm not quite convinced that doing a setcookie on bar.com is going to
> deadlock the session from foo.com, even if they use the same file-system.
Now I see what you wrote :) Well, it aint gonna work, you send cookie to
php's file() function, not to the browser.
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
- Next message: Marek Kilimajer: "Re: [PHP] MySql injections (related question)"
- Previous message: Jared Williams: "RE: [PHP] DOMDocument and html doctype"
- In reply to: Richard Lynch: "Re: [PHP] Re: Same sessions / different domains"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
