session_set_cookie_params on multi-domain sites

Posted by nillls on Stack Overflow See other posts from Stack Overflow or by nillls
Published on 2010-05-12T20:42:35Z Indexed on 2010/05/12 20:44 UTC
Read the original article Hit count: 154

Filed under:
|
|

Hi! I'm currently developing for an application (www.domain.se, .eu) where we're experiencing problems with sessions not propagating across domains. Internet Explorer is the root cause of this, as it will differentiate sessions depending on whether we're typing in "domain.se" or "www.domain.se". Due to some unfortunate redirecting, we're not able to keep the user on the same address the user typed in, instead we're always redirecting to www.domain.se on login. Needless to say, IE users can not login when typing "domain.se".

To make this error go away, we implemented a function to try and set the session to be valid across all possible domains by doing the following:

if($_SERVER['HTTP_HOST'] == "domain.se") {
session_set_cookie_params(3600, '/', '.domain.se', true);
}

There are basically a few if:s that we go through depending on what address the user typed in, but the third argument stays the same.

This, however, results in no-one being able to log in, regardless of domain. I've tried reading up on how session_set_cookie_params() works but to no avail.

Any help is greatly appreciated!

© Stack Overflow or respective owner

Related posts about php

Related posts about session