开发者

Destroying a multi-domain session in PHP

开发者 https://www.devze.com 2023-02-06 18:56 出处:网络
This could be the sequel of this question: PHP Sessions across sub domains I have a successful multi-domain session simply using this:

This could be the sequel of this question: PHP Sessions across sub domains

I have a successful multi-domain session simply using this:

session_set_cookie_params(0, '/', '.domain.com');
session_start();

This code is working perfectly and if I visit domain.com or subdomain.domain.com I see the SESSION vars without problems and everything is working :)

The problem is when I try to logout from domain.com. I have tried everything for logout, even all this, as suggested in PHP session_destroy() manual:

// Unset all of the session variables.
$_SESSION = array();

// If it's desired to kill the session, also delete the session cookie.
// Note: This will destroy the session, and not just the session data!

if (ini_get("session.use_cookies")) {
  $params = session_get_cookie_params();
  setcookie(session_name(), '', time() - 42000,
    $params["path"], $params["domain"],
    $params["secure"], $params["httponly"]
  );
}

1) session.use开发者_如何学Go_cookies is ON, and setup correctly in the server 2) That code kills the session in the main domain, but not in subdomain.domain.com 3) $params shows correct information:

Array
(
    [lifetime] => 0
    [path] => /
    [domain] => .domain.com
    [secure] => 
    [httponly] => 
)

But it's not working. The session is still alive when I visit subdomain.domain.com.

Any help please ! :)

Thank you!


Simple use session_destroy() to destroy the session.

0

精彩评论

暂无评论...
验证码 换一张
取 消