You can change the session name, from the default PHPSESSID
to a custom name for each sites. You can do it with session_name
:
// change the session name for bbb.aaa.com
session_name('PHPSESSID_bbb_aaa_com');
It will be used that name to create a cookie name, unique for each domain.
Then you can change the domain
attribute of the cookie for each domain. You can do it by changing the session.cookie_domain
on your php.ini file.
; instead of allows all the subdomain with ".aaa.com", specify them with:
session.cookie_domain = bbb.aaa.com
You can also do it at runtime with session_set_cookie_params
.
However, this isn't enough! If the session id is the same, even if you used different session names, the same data will be loaded, if the session informations are stored in a shared folder. To solve this problem, you can change the session.save_path
configuration directive to an unique folder for each domain. You can do it at runtime with session_save_path
:
session_save_path('/path/to/sess_for_bbb_aaa_com');