Sharing php Session ($_SESSION) across multiple domain

I have 2 different domain, let’s call them www.foo.com and bar.foo.com. The first one is built with CI, and the second one is built with Symfony. I want to share my session, so if I login in one of them, I can access the other one. I set my session data with $_SESSION["session_name"] = "value";.

How to make a session data readable from the other domain?

Thanks for your help.

Here is Solutions:

We have many solutions to this problem, But we recommend you to use the first solution because it is tested & true solution that will 100% work for you.

Solution 1

Considering your original question and your answers to Logan and myself in the comments of the original question I understand:

1 – you want to pass the session variables among a domain and its subdomains; and

2 – CI and Symfony load the session before you have a chance to do the ini_set command.

I believe you have two options:

1 – include the php configuration command in the php.ini file

session.cookie_domain=".foo.com"

If you try including it in the .htaccess it will not work if you are running php as a CGI module, which seems to be fairly common among shared hosting services.

2 – you can prepend a file to all php scripts in your site. Those will be put on top of every single php script your site runs, even the ones inside CI and Symfony. For example:

phpprepend.php file

<?php
ini_set('session.cookie_domain', '.foo.com');
?>

include the following line in your php.ini file:

auto_prepend_file = "/path/to/file/phpprepend.php"

Please let us know if this solves the problem.

Good luck!

Solution 2

Use session_name function let they have same session name. This will work for sub domains.
And if they are complete different domains, and if you are using the cookie to pass session id, this will not work because cookie only work for one domain.

Solution 3

You need to set up the session cookie’s domain so that it is accessible from both sites.

<?php
ini_set('session.cookie_domain', '.foo.com');

Either add that to both sites’s PHP code very early on in loading, or add something like this to your .htaccess file in both sites.

php_value session.cookie_domain ".foo.com"

I’m not 100% sure the second options works, but I think it should.

Solution 4

Sessions are associated with actual files in the server which contains the session data. So unless the sites have a way of sharing these temporary session files, then they can’t share sessions. That is unless the session is serialized and sent the other site. I think the only solution is to implement a session that gets and stores the session data in an external database that the two sites have access to. Then if server 1 sends the session ID to server 2 and server 2 uses it to access the database, it can access the session data stored by server 1

Solution 5

Code igniter has the option of using it’s session library which has support for storing your sessions is a database, there may be some form of plugin, or you could build your own, for symphony which can read the code igniter sessions out of the database and setup the session inside symphony.

So although they will technically be two different sessions, the database will synchronize them.

This of course assumes that your two sites use the same database.

Note: Use and implement solution 1 because this method fully tested our system.
Thank you 🙂

All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

Leave a Reply