By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
443,369 Members | 1,131 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 443,369 IT Pros & Developers. It's quick & easy.

How to share session data across multiple domains on same server?

P: 2
I heard the best method to share session across multiple domains on same server is to use custom php session handler. (ie, domain name different like abc.com, xyz.com but single application.)

But after i tried it, even custom php session handler that using SAME DATABASE ON 1 SERVER can't share session, when i tried to read cookie value from different domain.

Here's my custom session handler, Please kindly check or fix if something missing here. because i've tried it for a week now. can't get it to work



SESSION_INCLUDE.PHP
Expand|Select|Wrap|Line Numbers
  1. <?php 
  2.  
  3. // config 
  4. $m_host = "localhost"; //MySQL Host 
  5. $m_user = "db_user"; //MySQL User 
  6. $m_pass = "db_pass"; //MySQL Pass 
  7. $m_db   = "db_name"; //MySQL Database
  8. $table  = "sess_data";
  9.  
  10. $session_expire = 600; // Session expire time, in seconds (minutes * 60 = seconds) 
  11.  
  12. $gc_probability = 100; // Probability that the garbage collection function will be called. 50% chance by default 
  13.  
  14. ini_set("session.gc_probability",$gc_probability); 
  15.  
  16. /* Open function; Opens/starts session 
  17.  
  18.    Opens a connection to the database and stays open until specifically closed 
  19.    This function is called first and with each page load */ 
  20.  
  21. function open ($s,$n) // do not modify function parameters 
  22.   global $session_connection, $m_host, $m_user, $m_pass, $m_db; 
  23.   $session_connection = mysql_pconnect($m_host,$m_user,$m_pass); 
  24.   mysql_select_db($m_db,$session_connection); 
  25.   return true; 
  26.  
  27. /* Read function; downloads data from repository to current session 
  28.  
  29.    Queries the mysql database, unencrypts data, and returns it. 
  30.    This function is called after 'open' with each page load. */ 
  31. function read ($id) // do not modify function parameters 
  32.   global $session_connection,$session_read,$table; 
  33.   $query = "SELECT data FROM `$table` WHERE id=\"{$id}\""; 
  34.   $res = mysql_query($query,$session_connection); 
  35.   if(mysql_num_rows($res) != 1) return ""; // must return string, not 'false' 
  36.   else 
  37.   { 
  38.     $session_read = mysql_fetch_assoc($res); 
  39.     $session_read["data"] = base64_decode($session_read["data"]); 
  40.     return $session_read["data"]; 
  41.   } 
  42. function write ($id,$data) // do not modify function parameters 
  43.   if(!$data) { return false; } 
  44.   global $session_connection, $session_read, $session_expire, $table; 
  45.   $expire = time() + $session_expire; 
  46.   $data = mysql_real_escape_string(base64_encode($data)); 
  47.   if($session_read) $query = "UPDATE `$table` SET data=\"{$data}\", expire=\"{$expire}\" WHERE id=\"{$id}\""; 
  48.   else $query = "INSERT INTO sess_data SET id=\"{$id}\", data=\"{$data}\", expire=\"{$expire}\""; 
  49.   mysql_query($query,$session_connection); 
  50.   return true; 
  51. function close () 
  52.   global $session_connection; 
  53.   mysql_close($session_connection); 
  54.   return true; 
  55. function destroy ($id) // do not modify function parameters 
  56.   global $session_connection,$table; 
  57.   $query = "DELETE FROM `$table` WHERE id=\"{$id}\""; 
  58.   mysql_query($query,$session_connection); 
  59.   return true; 
  60. }
  61. function gc ($expire) 
  62.   global $session_connection,$table; 
  63.   $query = "DELETE FROM `$table` WHERE expire < ".time(); 
  64.   mysql_query($query,$session_connection); 
  65. }
  66. // Set custom handlers 
  67. session_set_save_handler ("open", "close", "read", "write", "destroy", "gc"); 
  68.  
  69. // Start session 
  70. session_start(); 
  71. ?>


// MySQL Database Table
Expand|Select|Wrap|Line Numbers
  1. create table sess_data (
  2. id2 int not null auto_increment,
  3. id text not null,
  4. data text,
  5. expire int not null,
  6. primary key(id2)
  7. );
Jan 21 '11 #1
Share this Question
Share on Google+
2 Replies


dlite922
Expert 100+
P: 1,584
What you've done is just change the location of where PHP stores information. I don't see any code that tells it to share this across multiple domains.

I'd go back to where you 'heard' about this and ask them what else you need to do different.

If I had to guess, I'd guess that your read would now need to look up the record with something other-than $id. It has to be a custom id that YOU makeup for your clients. That PHP id you're currently using is issued by PHP and PHP does not share that ID between domains.

Cheers,


Dan
Jan 21 '11 #2

P: 2
"I don't see any code that tells it to share this across multiple domains."

because it's still on testing phase i just use firefox addon to manually change the ssid cookie value myself.. so the value of the session is same with the old domain.. no problem with that. & on real life i can just pass that old session id from old domain to new domain using $_GET
Jan 22 '11 #3

Post your reply

Sign in to post your reply or Sign up for a free account.