Cassiel wrote:
Hi you all,
I would like to keep session variables alive, between two PHP coded
website, currently two virtual hosts.
This is in order to let users login from the main one and then switch
between the twos without loosing $_SESSION info.
Any suggestion is appreciated.
regards
raffaele
A session variable is simply a cookie in the user's browser that holds
their session ID (unless you happen to be keeping tracking of the
session ID through the URL, which is a bigger security risk). You won't
be able to make it work across two different domain names, as this would
be a security hole. If the two virtualhosts share the same top level
domain (such as sub1.example.com and sub2.example.com), then it is
possible as long as the cookie is tied to example.com as opposed to
sub1.example.com or sub2.example.com.
Otherwise, you'll have to maintain the "link" between the two sites
yourself, such as passing some sort of hash information from one site to
the other that tells the site the user's login information. Keep in mind
this is not the most secure way of doing things, but you just have to
remember that the browse will think domain1.com and domain2.com are
completely different web site, even if they are the "same" logically.
--
Justin Pasher
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
