session_set_cookie_params on multi-domain sites
Posted
by nillls
on Stack Overflow
See other posts from Stack Overflow
or by nillls
Published on 2010-05-12T20:42:35Z
Indexed on
2010/05/12
20:44 UTC
Read the original article
Hit count: 154
Hi! I'm currently developing for an application (www.domain.se, .eu) where we're experiencing problems with sessions not propagating across domains. Internet Explorer is the root cause of this, as it will differentiate sessions depending on whether we're typing in "domain.se" or "www.domain.se". Due to some unfortunate redirecting, we're not able to keep the user on the same address the user typed in, instead we're always redirecting to www.domain.se on login. Needless to say, IE users can not login when typing "domain.se".
To make this error go away, we implemented a function to try and set the session to be valid across all possible domains by doing the following:
if($_SERVER['HTTP_HOST'] == "domain.se")
{
session_set_cookie_params(3600, '/', '.domain.se', true);
}
There are basically a few if:s that we go through depending on what address the user typed in, but the third argument stays the same.
This, however, results in no-one being able to log in, regardless of domain. I've tried reading up on how session_set_cookie_params() works but to no avail.
Any help is greatly appreciated!
© Stack Overflow or respective owner