Fraser, Kevin is right on, but it wasn't clear to me that you wanted the users to log onto each site. Seems you may expect them to go to the site in another browser, or perhaps the same, without having to signon again. Perhaps this can be done if you do a form post to the new domain from the existing one, passing the session key (or some other indication who has signed on) as a hidden variable, and using target="_BLANK" to open a new browser. I would recommend checking that you haven't created a BIG security hole with this one.
Warren Vail -----Original Message----- From: Kevin Stone [mailto:[EMAIL PROTECTED] Sent: Monday, September 29, 2003 12:33 PM To: [EMAIL PROTECTED] Subject: [PHP] Re: Central authentication for multiple sites If all domains have access to the same database then there is absolutely nothing preventing you from using a Cookie. Have a normal login on Domain1.com. Once authenticated produce a random ID and store it in the database. Store the ID in a cookie then Redirect the client to the desired domain. The page the client is redirected to checks to see if the ID matches one stored in the database. If it does then the user is valid. A logout request on any one of the domains destroys the ID in the database and erases the cookie. Associate a timestamp with the ID in the database so that you can make the login invalid after a period of no activity. - Kevin "Fraser Campbell" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hi, > > Does anyone know of a way to authenticate a person on one site and have that > authentication carried through to multiple sites? > > Basically I'd like to have someone login on www.domain1.com and then have > their login be valid on www.domain2.com and www.domain3.com ... the domain > name is different so I don't see how I could use a common cookie. > > The 3 sites in question are hosted on a common server with a common user > database if that helps but still the domain names that people access the > sites with are unique. > > Any ideas? > > Thanks! > -- > Fraser Campbell <[EMAIL PROTECTED]> http://www.wehave.net/ > Halton Hills, Ontario, Canada Debian GNU/Linux -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
