开发者

PHP not saving sessions on subdomain, ok on domain

开发者 https://www.devze.com 2023-01-09 09:21 出处:网络
We have a CentOS 5.4 server serving a number of our websites. The server is managed by Plesk 9.2.3. Our websites are developed in php.

We have a CentOS 5.4 server serving a number of our websites. The server is managed by Plesk 9.2.3. Our websites are developed in php.

We have our main domain ourapplication.co.uk in /var/www/vhosts/ourapplication.co.uk/httpdocs, and our subdomain api.ourapplication.co.uk in /var/www/vhosts/ourapplication/subdomains/api/httpdocs

The following pages are in BOTH locations:

davidstest1.php

<?php
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<title>Code Blue Stats</title>
<link rel="stylesheet" type="text/css" href="css/style.css" />
</head>
<body>
<?php
echo "This is Davids Test 1. It will set SESSION['davids']='davids variable set' and then link
to davidstest2.php<br />
davidstest2 wil then do a session_start() call, and attempt to display SESSION['davids'] <br />";
$_SESSION['davids']='davids variable set';
?>
<a href="davidstest2.php">davidstest2.php</a>
</body>
</html>

davidstest2.php

<?php
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta http-equiv="X-UA-Compatible" content="IE=7" />
<title>Code Blue Stats</title>
<link rel="stylesheet" type="text/css" href="css/style.css" />
</head>
<body>
<?php
echo "This is Davids Test 2. It will do a session_start() call, and attempt to display SESSION['davids'] <br />";
$r=print_r($_SESSION, true);
echo "<pre>Session in <br />";
echo $r;
echo "<br /></pre>";
?>
<a href="davidstest2.php">davidstest2.php</a>
</body>
</html>

in the MAIN domain, davidstest2 returns

This is Davids Test 2. It will do a session_start() call, and attempt to display SESSION['davids'] 
Session in 
Array
(
    [siteMode] => none
    [davids] => davids variable set
) 
davidstest2.php

in the api SUBDOMAIN, davidstest2 returns

This is Davids Test 2. It will do a session_start() call, and attempt to display SESSION['davids'] 
Session in 
Array
(
)
davidstest2.php

Obviously, something in the Apache config or the Php config is wrong, as the session variable should be stored for both domains

Relevant phpinfo() reports:
Session S开发者_高级运维upport enabled
Registered save handlers    files user
Registered serializer handlers  php php_binary wddx
session.auto_start  Off Off
session.bug_compat_42   Off Off
session.bug_compat_warn On  On
session.cache_expire    180 180
session.cache_limiter   nocache nocache
session.cookie_domain   no value    no value
session.cookie_lifetime 0   0
session.cookie_path /   /
session.cookie_secure   Off Off
session.entropy_file    no value    no value
session.entropy_length  0   0
session.gc_divisor  1000    1000
session.gc_maxlifetime  1440    1440
session.gc_probability  1   1
session.hash_bits_per_character 5   5
session.hash_function   0   0
session.name    PHPSESSID   PHPSESSID
session.referer_check   no value    no value
session.save_handler    files   files
session.save_path   /var/lib/php/session    /var/lib/php/session
session.serialize_handler   php php
session.use_cookies On  On
session.use_only_cookies    Off Off
session.use_trans_sid   0   0

Any ideas where to start looking?


Set session.cookie_domain to .ourapplication.co.uk (note the dot at the begin) to have the session cookies be valid for ourapplication.co.uk and all its subdomains.


session.cookie_domain should be set according to cookie domain setting explained in http://php.net/setcookie

session_set_cookie_params() function is often used for this

0

精彩评论

暂无评论...
验证码 换一张
取 消