ShopMAster Posted June 7, 2010 Share Posted June 7, 2010 Hello, You guys have always helped me so I'm coming to you guys again for some help. I have a site that requires people to login using a username and password. It's at www.mydomain.com. I have built another application that uses a login system also at the same domain name just in a folder Ex. www.mydomain.com/newapplication/ When I sign into the newapplication (www.mydomain.com/newapplication/) and then open up another window with IE and go to the first application (www.mydomain.com) it has me already signed in as someone else. Is there anyway to prevent this? I'm new at this but I'm thinking there has to be a way to solve this. Any help is really appreciated. Thanks. - ShopMaster Quote Link to comment https://forums.phpfreaks.com/topic/204064-two-different-applications-with-different-sessions/ Share on other sites More sharing options...
dabaR Posted June 7, 2010 Share Posted June 7, 2010 prefix all session keys with new_app_, e.g. $_SESSION['new_app_user_id'] = 123; Quote Link to comment https://forums.phpfreaks.com/topic/204064-two-different-applications-with-different-sessions/#findComment-1068851 Share on other sites More sharing options...
ignace Posted June 7, 2010 Share Posted June 7, 2010 prefix all session keys with new_app_, e.g. $_SESSION['new_app_user_id'] = 123; You don't need that just change the domain or path for your cookies. bool setcookie ( string $name [, string $value [, int $expire = 0 [, string $path [, string $domain [, bool $secure = false [, bool $httponly = false ]]]]]] ) If it's possible to create sub-domains (newapplication.mydomain.com) you can make the cookies sub-domain specific, like: session_set_cookie_params(.., '/', 'www.mydomain.com', ..); session_set_cookie_params(.., '/', 'newapplication.mydomain.com', ..); Or if that's not an option: session_set_cookie_params(.., '/newapplication/', ..); Will set it for /newapplication/ alone although I think this may have the problem that $_SESSION will exist if they come from www.domain.com. However they are no longer logged in on www.domain.com if they came from /newapplication/ Quote Link to comment https://forums.phpfreaks.com/topic/204064-two-different-applications-with-different-sessions/#findComment-1068903 Share on other sites More sharing options...
ShopMAster Posted June 8, 2010 Author Share Posted June 8, 2010 I'm sorry I'm kind of new but where would I put: session_set_cookie_params(.., '/', 'www.mydomain.com', ..); session_set_cookie_params(.., '/', 'newapplication.mydomain.com', ..); I know I set cookies in the config file for the application that's running on the root of the domain and I know I'm not setting cookies for the new application. Do I put it in the header? Thanks for any assistance. Quote Link to comment https://forums.phpfreaks.com/topic/204064-two-different-applications-with-different-sessions/#findComment-1069443 Share on other sites More sharing options...
ignace Posted June 8, 2010 Share Posted June 8, 2010 You would set: session_set_cookie_params(.., '/', 'www.mydomain.com', ..); In the PHP files under www.mydomain.com, and: session_set_cookie_params(.., '/', 'newapplication.mydomain.com', ..); in the PHP files under newapplication.mydomain.com. This line has to come before you call session_start() Quote Link to comment https://forums.phpfreaks.com/topic/204064-two-different-applications-with-different-sessions/#findComment-1069495 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.