From: "Fraser Campbell" <[EMAIL PROTECTED]> > On Monday 29 September 2003 15:58, you wrote: > > > Like someone else mentioned, use sessions or something like them. The key > > is you're passing a unique id around for each person that logs in. When > > they go to another site, this ID must go with them, so that means they can > > only get to the other sites through a link or a form where the ID is > > passed. If they simply type in the URL for the next domain, they will not > > be logged in because the ID is not getting passed. > > Got it. How about this: > > - every login form sets a session ID > - immediately after logging in the user is directed to a page showing that > successful login has occurred. The result screen could could have some > images (or whatever) such as this: > > <img src="http://www.otherdomain.com/img/auth.gif?session=2345r8hrfd";> > > - above example of gif would actually be a script that returns a tiny > (invisible) gif which verifies that the session is valid and sends a cookie > for the new domain if it is. There would be one such embedded image for > each extra domain. > > I've been out of web development for a while so it took me a bit to get my > head around this requirement. Does my explanation make sense and seem > feasible?
I think this should work. Your effectively starting a session on each domain at the same time with the same ID. With a limited amount of domains, this would be an adequate method. The benifit you get from this is that you don't have to include the session ID as the user switches domains, because the cookie is already set. Also, use SID when you need to pass the session id in the URL. It's a constant made just for that... <img src="http://www.otherdomain.com/img/auth.gif?<?=SID?>"> ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
![http://www.otherdomain.com/img/auth.gif?session=2345r8hrfd"](http://www.otherdomain.com/img/auth.gif?session=2345r8hrfd"){kind=link}
