chshrmc
asked on
Cross site PHP session
What I'm wanting to do is have one login for multiple sites that I have on one webserver.
Here's the setup so you can understand a little more
Apache2 is running on a SuSE 10 webserver with several virtual ip addresses and virtual hosst. Each virtual host is tied to it's own virtual IP instead of being tied to one IP and being dependant upon a DNS name (this is probably not the best way to do it, but it's what I knew at the time I set it up). The 2 in question are our helpdesk page and our knowledgebase page. For example we'll say the help=10.1.1.100 and kb = 10.1.1.200. So, if you type helpdesk in your address bar local DNS translates it to the IP and the webserver answers....
Anyway, currently I have a pretty good login situation setup on the helpdesk site so, when you go to the page, it asks you for your login... checks it and creates the session
...
session_start();
session_name("is");
while($row = mysql_fetch_array($result)
{
session_register('uid');
session_register('fname');
session_register('lname');
...
$_SESSION['uid'] = $row["ID"];
$_SESSION['fname'] = $row["FName"];
$_SESSION['lname'] = $row["LName"];
...
}
...
Anyway, that seems to work perfectly, I can logout, destroy the session, and it asks me to log back in.... it also remember my settings, etc. To ensure I'm logged in every page after that has something up at the top of the page similar to this
<?php
//start the session
session_start();
//check to make sure the session variable is registered
if(!session_is_registered(
{
//the session variable isn't registered, send them back to the login page
header( "Location: index.php" );
}
?>
as mentioned. It works..... so I (most likely incorrectly) assumed that I could do something similar to this on the top of the kb pages.... hoping it'll remember that I'm already logged into the helpdesk page. So, I put the following at the top of the main page for the kb
<?php
//start the session
session_start();
//check to make sure the session variable is registered
if(!session_is_registered(
{
//the session variable isn't registered, send them back to the login page
header( "Location: https://help.hrmc.org/index.php" );
}
?>
but it never actually recognizes that I'm logged in. If I go to my /var/lib/php5 folder, I can see my php sessions there, so I know they exist on the server. I'm wondering how I can get it to see that I've already logged in on the other page.
Here's the setup so you can understand a little more
Apache2 is running on a SuSE 10 webserver with several virtual ip addresses and virtual hosst. Each virtual host is tied to it's own virtual IP instead of being tied to one IP and being dependant upon a DNS name (this is probably not the best way to do it, but it's what I knew at the time I set it up). The 2 in question are our helpdesk page and our knowledgebase page. For example we'll say the help=10.1.1.100 and kb = 10.1.1.200. So, if you type helpdesk in your address bar local DNS translates it to the IP and the webserver answers....
Anyway, currently I have a pretty good login situation setup on the helpdesk site so, when you go to the page, it asks you for your login... checks it and creates the session
...
session_start();
session_name("is");
while($row = mysql_fetch_array($result)
{
session_register('uid');
session_register('fname');
session_register('lname');
...
$_SESSION['uid'] = $row["ID"];
$_SESSION['fname'] = $row["FName"];
$_SESSION['lname'] = $row["LName"];
...
}
...
Anyway, that seems to work perfectly, I can logout, destroy the session, and it asks me to log back in.... it also remember my settings, etc. To ensure I'm logged in every page after that has something up at the top of the page similar to this
<?php
//start the session
session_start();
//check to make sure the session variable is registered
if(!session_is_registered(
{
//the session variable isn't registered, send them back to the login page
header( "Location: index.php" );
}
?>
as mentioned. It works..... so I (most likely incorrectly) assumed that I could do something similar to this on the top of the kb pages.... hoping it'll remember that I'm already logged into the helpdesk page. So, I put the following at the top of the main page for the kb
<?php
//start the session
session_start();
//check to make sure the session variable is registered
if(!session_is_registered(
{
//the session variable isn't registered, send them back to the login page
header( "Location: https://help.hrmc.org/index.php" );
}
?>
but it never actually recognizes that I'm logged in. If I go to my /var/lib/php5 folder, I can see my php sessions there, so I know they exist on the server. I'm wondering how I can get it to see that I've already logged in on the other page.
ASKER
that is correct, it is 2 different domains
help.blah.com and kb.blah.com
help.blah.com and kb.blah.com
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
eg if your original site was help.blah.com and your second site is helpme.blah.com i don't think you can carry the sessions across.
Is setting a cookie an option?