Passing session variables to sub domains

[SPYDERIX]

Hi,

I am creating a login system for clients to view their site on our test servers. I have a login consisting of a form for username and password.

I then query the client db to check if the user exists and if the password is correct for the user, then I create a sesssion and register the var's and then redirect to the test site. This all works great but the problem I have is that the session variables aren't carrying over to the subdomain.

Is this possible and how do I do it?

=================My PHP code is as follows===============
Checking db and creating session:

<?php

session_start();

$host = &quot;localhost&quot;;
$username = &quot;user&quot;;
$password = &quot;pass&quot;;
$db_name = &quot;db_name&quot;;
$table_name = &quot;table_name&quot;;

$connect = mysql_connect(&quot;$host&quot;,&quot;$username&quot;,&quot;$password&quot;

mysql_select_db(&quot;$db_name&quot;,$connect);

$sql = &quot;SELECT * FROM `$table_name` WHERE `user` = '&quot; . $_POST[&quot;username&quot;] . &quot;' AND `pass` = '&quot; . $_POST[&quot;password&quot;] . &quot;'&quot;;

$query = mysql_query ($sql);

$num_rows = mysql_num_rows($query);

mysql_close($connect);

if ($num_rows > 0)
{
$user = $_POST[&quot;username&quot;];
$pass = $_POST[&quot;password&quot;];
session_register(&quot;user&quot;, &quot;pass&quot;
echo &quot;<META HTTP-EQUIV=\&quot;refresh\&quot; CONTENT=\&quot;0;URL=http://&quot; . $user . &quot;.mainframe-webdesign.com\&quot;>&quot;;
}
else
{
echo &quot;error&quot;; //re-login etc
}
?>

The subdomain site checks to see if there are variables present:

<?php
session_start();
if ($user == &quot;username&quot; && $pass == &quot;password&quot
{
// show the site
}
else
{
echo &quot;you are not authorized to view this site&quot;;
}
?>

Thanks alot!

Keep up to date with my 2003 NHL Playoffs Wallpaper

http://www.spyderix-designz.com/nhl/nhl_playoffs.jpg

 

[vbkris]

i can tell u why it does not work.
it may be because the server changes from one domain to another, a session is server specific.

Known is handfull, Unknown is worldfull

 

[KempCGDR]

He already knows that, he wants ot know how to get around it. Personally, I've never has to use sessions, so I can't help you.

 

[vbkris]

the only way to et around is to use a common database and pass on the values using that database.

another method maybe to create a file (if both severs are in one system) and use that file to share info.

Known is handfull, Unknown is worldfull

 

[SPYDERIX]

Hi,

The server is on my machine, and the domain and subdomain are both on my machine. The only thing that I can possibly think of is to create a cookie and set the url to be the subdomain's url and have that expire when the user leaves the site.

Would that work?

Thannks!

Keep up to date with my 2003 NHL Playoffs Wallpaper

http://www.spyderix-designz.com/nhl/nhl_playoffs.jpg

 

[sleipnir214]

There is a setting in php.ini called &quot;session.cookie_domain&quot;, which controls to which domain the session cookie is visible. By default, it's set to nothing, which browsers interpret as the current domain only.

You might try using session_set_cookie_params() to explicitly set the session cookie domain to the common domain name, like &quot;foo.com&quot;, rather than &quot;

http://www.foo.com&quot;

or &quot;test.foo.com&quot;.

Want the best answers? Ask the best questions:

http://www.catb.org/~esr/faqs/smart-questions.html

TANSTAAFL!

 

[SPYDERIX]

Well I founf my method. I just wrote a cookie that expired when you close the browser containing the user and pass and passed it along that way and made the domain .site.com so that it was availble globally.

Thanks!

Keep up to date with my 2003 NHL Playoffs Wallpaper

http://www.spyderix-designz.com/nhl/nhl_playoffs.jpg