|
Posted by C. (http://symcbean.blogspot.c on July 27, 2008, 10:24 am
Please log in for more thread options > Josh wrote:
> > I run a Joomla website and am familiar with php in some but not all
> > aspects. Currently I am trying to find some solutions related to
> > session handling.
>
> > Am I correct in saying that "login" is kept in sessions? I can see
> > active sessions in my mysql database, but is that the only place this
> > information is stored? Sessions and cookies I know are related also,
> > but how specifically (session info stored in cookies?)?
>
> > Right now, when users login at example.com, and then visit
> > subdomain.example.com, they are not logged in at the subdomain. I am
> > trying to change this so that users logged in on the main site or any
> > subdomain are also logged in across all other subdomains and the main
> > site. I know sites like livejournal successfully accomplish this.
>
> > I have read some stuff about mod_rewrite solutions, but I don't think
> > this is really what I need. From what I can tell, the domain is stored
> > in a session, and I may need to generalize it somehow, but I don't
> > know how to test this.
>
> > Any ideas?
>
> Your problem is the session id is kept in a cookie. However, the browser
> will not normally send a cookie from one website to a different website.
> And even though they are subdomains of the same domain, they are
> different sites.
>
> To get them to work with all of your subdomains, in your php.ini file set
>
> session.cookie_domain = .example.com
>
> where example.com is your main domain. The leading period is important.
>
...but test it first - particularly with MSIE 8 and FF3.
A better solution might be to look at single sign on - or at least
rebinding the session id at runtime.
C.
| 
XML Sitemap