doucai4274 2013-11-20 09:02
浏览 40
已采纳

在php中的子域上共享会话

I have a problem sharing the session between two subdomains, and I've read a lot of threads here and other places.

I have www.xx.com and sub.xx.com and I've set 

session_name("PHPSESSXX");
session_set_cookie_params(0, '/', '.xx.com');

and the session.save_path is the same on both domains.

I get a cookie called PHPSESSXX on both domains, and it has the same value.

When I log on to www.xx.com I get a session with some details in it, and it stays that way until I go to sub.xx.com. Then the session on sub.xx.com is empty, and if I refresh www.xx.com, the session there is gone as well. So it does something, but it seems to be overwriting the session data each time I visit a different subdomain.

Any ideas anyone? - Can i debug this somehow?

Btw: I'm using ssl on both domains.

cheers

  • 写回答

2条回答 默认 最新

  • duan198409 2014-01-08 13:25
    关注

    My solution was to set a flag in .htaccess like this:

    php_flag "suhosin.session.cryptdocroot" 0

    And it now works perfectly ;o)

    The problem was that Suhosin was installed on the system, and the ini variable 

    suhosin.session.cryptdocroot = On

    encrypted the session files in such a way, that when a different subdomain tried to change the session, it deleted everything for security reasons.

    It didn't work for me to set the variable to Off or [nothing] in the ini-file, though maybe I didn't find the right file.

    I also tried setting it in PHP without any luck. Like this:

    ini_set('suhosin.session.cryptdocroot', 0)

    cheers

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥50 求图像处理的matlab方案
  • ¥50 winform中使用edge的Kiosk模式
  • ¥15 关于#python#的问题:功能监听网页
  • ¥15 怎么让wx群机器人发送音乐
  • ¥15 fesafe材料库问题
  • ¥35 beats蓝牙耳机怎么查看日志
  • ¥15 Fluent齿轮搅油
  • ¥15 八爪鱼爬数据为什么自己停了
  • ¥15 交替优化波束形成和ris反射角使保密速率最大化
  • ¥15 树莓派与pix飞控通信