Codeigniter sharing session with a simple php blog

I have to solve this issue which I'm not able to solve :( I have a blog in PHP and an ecommerce site built with CodeIgniter. Both sites have the same session informations shared, but if I go on the blog and I login, when I pass on the ecommerce the user is not recognized and the ecommerce ask for a new login to the user.

In the blog part I set the session in this way:

<?php

include("config.php");

if(isset($_GET['logout'])){
    $servername = 'localhost';
    $username = 'wtgecomm_ecomm';
    $password = 'ElFDeOD$o_qd';
    $dbname ='wtgecomm_ecommerce';
    $conn = new mysqli($servername, $username, $password, $dbname);
     $sql = "DELETE FROM `ci_sessions` WHERE id="."'".$_COOKIE['ci_session']."'";
    if (!$conn->query($sql)) {
   // printf("Message d'erreur : %s\n", $conn->error);
}
    //$result = $conn->query($sql);
    //var_dump($result);
$_SESSION['login_id'] = '';
$_SESSION['customer_id'] = '';
unset($_SESSION['customer_id']);
unset($_SESSION['client']);
unset($_COOKIE['ci_session']);
session_destroy();
//var_dump($_SESSION);
header( 'Location: /'); 
}
if(isset($_REQUEST['login_id']) && !empty($_REQUEST['login_id']) ){

    $ci_session = $_COOKIE['ci_sessions'];
    $login_id = $_REQUEST['login_id'];
//  $sql = "INSERT INTO `ci_sessions` (`id`,`data`) VALUES ('2121212','121212121212')";
//  $ctx->exec($sql) ;
    $servername = 'localhost';
    $username = 'wtgecomm_ecomm';
    $password = 'ElFDeOD$o_qd';
    $dbname ='wtgecomm_ecommerce';
    $conn = new mysqli($servername, $username, $password, $dbname);
     $query = "SELECT * FROM `users` WHERE id="."'".$login_id."'";
    if ($result = $conn->query($query)) {

    /* Récupère un tableau associatif */
    while ($row = $result->fetch_assoc()) {

        $cust_email=$row['username'];
        $cust_pass=$row['password'];
    }

    /* Libération des résultats */
    $result->free();
}
$_SESSION['login_id']= $login_id;
$_SESSION['customer_id']=$login_id;
$_SESSION['cust_email']=$cust_email;

$_SESSION['userdata'] = array('user_id' => $login_id, 'username' =>$cust_email,'status'=>1,'password'=>$cust_pass );
$user=$_SESSION['userdata'];
echo true;
exit;
}
else {
    echo false;
    exit;
}
exit;

Open in new window


In the ecommerce config.php file (CodeIgniter), I have this session configuration:

$config['sess_driver'] = 'database';
$config['sess_cookie_name'] = 'ci_session';
$config['sess_expiration'] = 7200;
$config['sess_save_path'] = 'ci_sessions';
$config['sess_match_ip'] = FALSE;
$config['sess_time_to_update'] = 300;
$config['sess_regenerate_destroy'] = TRUE;





//$config['sess_table_name'] = 'ci_sessions';
//$config['sess_match_useragent'] = TRUE;
//$config['sess_use_database'] = TRUE;

/*
|--------------------------------------------------------------------------
| Cookie Related Variables
|--------------------------------------------------------------------------
|
| 'cookie_prefix'   = Set a cookie name prefix if you need to avoid collisions
| 'cookie_domain'   = Set to .your-domain.com for site-wide cookies
| 'cookie_path'     = Typically will be a forward slash
| 'cookie_secure'   = Cookie will only be set if a secure HTTPS connection exists.
| 'cookie_httponly' = Cookie will only be accessible via HTTP(S) (no javascript)
|
| Note: These settings (with the exception of 'cookie_prefix' and
|       'cookie_httponly') will also affect sessions.
|
*/
$config['cookie_prefix']    = '';
$config['cookie_domain']    = '.wtgecommerce.powersoftware.in';
$config['cookie_path']      = '/';
$config['cookie_secure']    = FALSE;
$config['cookie_httponly']  = FALSE;

Open in new window


Where I'm wrong? I tryed in many ways, to set up the same configuration for the user session but without solution... thank you for the help.
Irene BontàAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ray PaseurCommented:
What are the exact URLs of each of these sites?  I'm wondering if they can share cookies.
0
Irene BontàAuthor Commented:
0
Ray PaseurCommented:
Good, that is helpful information.  I believe you can share cookies between those two URLs, and if we can share the cookies, we should be able to share other things, too.  The key to getting this right is to know that a cookie set by one of the URLs is also returned to the server when a different instance of the same browser visits the other URL.  There is a potential problem with the PHP session.  It has got a few layers of nuance.  This article tells a bit more about how the session works.
https://www.experts-exchange.com/articles/11909/PHP-Sessions-Simpler-Than-You-May-Think.html

The PHP session is not really designed for long-term use or for sharing among different sites.  The session cookie has a zero-lifetime meaning when the browser is closed, the cookie is gone.  If you want to persist a log-in state over a length of time the right approach is to set your own cookie.  The cookie you set will contain a pointer to a database row that gives the client information, and this cookie values can be used to do the lookup and find the client.  An example of the "remember me" cookie is given in this article.
https://www.experts-exchange.com/articles/2391/PHP-Client-Registration-Login-Logout-and-Easy-Access-Control.html

Here's a script that I would like you to install on both of the URLs.  You can take it out later, but just for now I would like to see what it does when I visit it on both of the URLs.
<?php // demo/temp_irene.php
/**
 * https://www.experts-exchange.com/questions/29009599/Codeigniter-sharing-session-with-a-simple-php-blog.html
 *
 * http://php.net/manual/en/function.setcookie.php
 *
 * To see cookies in Firefox, follow something like this:
 * => Tools
 * => Options
 * => Privacy
 * => Show cookies
 */
error_reporting(E_ALL);
ob_start();

// SET THE COOKIE INFORMATION
$cookie_name    = 'RAY';
$cookie_value   = 'IRENE';
$cookie_expires = 0;
$cookie_path	= DIRECTORY_SEPARATOR;
$cookie_domain  = '.wtgecommerce.powersoftware.in';
$cookie_domain = '.iconoun.com';
$cookie_secure  = FALSE;
$cookie_http    = TRUE;


// SET THE COOKIE
if ( setcookie
( $cookie_name
, $cookie_value
, $cookie_expires
, $cookie_path
, $cookie_domain
, $cookie_secure
, $cookie_http )
)
{
    echo PHP_EOL . "<br/>SUCCESS!  THE COOKIE HAS BEEN SET AND WILL BE AVAILABLE TO THE NEXT PAGE LOAD";
}
else
{
    echo PHP_EOL . "<br/>FAILURE!  THE COOKIE WAS NOT SET AS EXPECTED";
}


/**
 * AT THIS POINT, THE COOKIE HAS BEEN SET, BUT IT IS NOT AVAILABLE IN THIS SCRIPT
 * THE COOKIE WILL NOT BE RETURNED FROM THE CLIENT TO THE SERVER UNTIL THE NEXT HTTP REQUEST
 * THIS IS BECAUSE THE BROWSER SENDS THE COOKIE TO THE SERVER BEFORE OUR SCRIPT STARTS RUNNING
 */
echo '<pre>';
echo PHP_EOL . '$_COOKIE CONTAINS '; var_dump($_COOKIE);
echo PHP_EOL . 'THE COOKIE HAS BEEN SET WITH THESE VALUES: ';
echo PHP_EOL . 'COOKIE NAME:    ' . $cookie_name;
echo PHP_EOL . 'COOKIE VALUE:   ' . $cookie_value;
echo PHP_EOL . 'COOKIE EXPIRES: ' . number_format($cookie_expires) . " == " . date('r', $cookie_expires);
echo PHP_EOL . 'COOKIE PATH:    ' . $cookie_path;
echo PHP_EOL . 'COOKIE DOMAIN:  ' . $cookie_domain;
echo PHP_EOL . 'COOKIE SECURE:  '; var_dump($cookie_secure);
echo           'COOKIE HTTP:    '; var_dump($cookie_http);

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Rowby Goren Makes an Impact on Screen and Online

Learn about longtime user Rowby Goren and his great contributions to the site. We explore his method for posing questions that are likely to yield a solution, and take a look at how his career transformed from a Hollywood writer to a website entrepreneur.

Irene BontàAuthor Commented:
Where I have to put this script? Thank you very much for your help!
0
Ray PaseurCommented:
You can put it anywhere that it can be accessed via a URL - just choose a name, like temp_irene.php and store it on the server.  Then open a browser, go to the URL and see that it works (there will be some browser output, but not much).  Once you've done that on both domains, just post the link here.  I'll test as soon as I can, then you can delete the script.  Thanks!
0
Ray PaseurCommented:
abandoned question, accepting commonsense comments
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.