doucai4274 2013-11-20 09:02
浏览 40
已采纳

在php中的子域上共享会话

I have a problem sharing the session between two subdomains, and I've read a lot of threads here and other places.

I have www.xx.com and sub.xx.com and I've set 

session_name("PHPSESSXX");
session_set_cookie_params(0, '/', '.xx.com');

and the session.save_path is the same on both domains.

I get a cookie called PHPSESSXX on both domains, and it has the same value.

When I log on to www.xx.com I get a session with some details in it, and it stays that way until I go to sub.xx.com. Then the session on sub.xx.com is empty, and if I refresh www.xx.com, the session there is gone as well. So it does something, but it seems to be overwriting the session data each time I visit a different subdomain.

Any ideas anyone? - Can i debug this somehow?

Btw: I'm using ssl on both domains.

cheers

  • 写回答

2条回答 默认 最新

  • duan198409 2014-01-08 13:25
    关注

    My solution was to set a flag in .htaccess like this:

    php_flag "suhosin.session.cryptdocroot" 0

    And it now works perfectly ;o)

    The problem was that Suhosin was installed on the system, and the ini variable 

    suhosin.session.cryptdocroot = On

    encrypted the session files in such a way, that when a different subdomain tried to change the session, it deleted everything for security reasons.

    It didn't work for me to set the variable to Off or [nothing] in the ini-file, though maybe I didn't find the right file.

    I also tried setting it in PHP without any luck. Like this:

    ini_set('suhosin.session.cryptdocroot', 0)

    cheers

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 centos7.9 IPv6端口telnet和端口监控问题
  • ¥120 计算机网络的新校区组网设计
  • ¥20 完全没有学习过GAN,看了CSDN的一篇文章,里面有代码但是完全不知道如何操作
  • ¥15 使用ue5插件narrative时如何切换关卡也保存叙事任务记录
  • ¥20 海浪数据 南海地区海况数据,波浪数据
  • ¥20 软件测试决策法疑问求解答
  • ¥15 win11 23H2删除推荐的项目,支持注册表等
  • ¥15 matlab 用yalmip搭建模型,cplex求解,线性化处理的方法
  • ¥15 qt6.6.3 基于百度云的语音识别 不会改
  • ¥15 关于#目标检测#的问题:大概就是类似后台自动检测某下架商品的库存,在他监测到该商品上架并且可以购买的瞬间点击立即购买下单