- set several cookies, but it won't work if user has third party cookies disabled (many have)
- pass session id in url if the url is cross domain
Stain wrote:
i would use sessions in multiple hosts of my domain. say my domain is example.com, i'd use sessions in several hosts such as:
www1.example.com
www2.example.com
www3.example.com
this could be easily configured in php.ini by putting:
session.cookie_domain = example.com
but how can i do if i would EXCLUDE some hosts of my domain? someting like giving the exact list of hosts the cookie should be sent by user clients to the server:
session.cookie_domain = www1.exclude.com,www2.example.com,www3.example.com
(i tried, but it doesn't works!)
such thing is useful when you have some hosts in which you're sure you manage them, while some others you're not so sure. for istance, someone on an hosted site of the same domain could catch all sessions clients sent to his site and re-use those sessions faking someone other authentication...
some hints?
tell me if it's not clear...
bye, stain.
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
