beckerdt Posted July 27, 2011 Share Posted July 27, 2011 When a user logs into my site I put all their user info into a session like this session_start(); $_SESSION["login"] = 'true'; $_SESSION["id"] = $user_info['id']; $_SESSION["firstname"] = $user_info['firstname']; $_SESSION["lastname"] = $user_info['lastname']; $_SESSION["screen_name"] = $user_info['screen_name']; $_SESSION["facebook"] = $user_info['facebook']; $_SESSION["email"] = $user_info['email']; $_SESSION["date_joined"] = $user_info['date_joined']; $_SESSION["account_type"] = $user_info['account_type']; $_SESSION["account_active"] = $user_info['account_active']; $_SESSION["hashed_password"] = $user_info['hashed_password']; The problem is if they logged in from www.domain.com and then end up on a page at domain.com or the other way around they login from domain.com and end up on a page at www.domain.com the info stored in the session is not available. How can I have the session info available no matter if they logged in with www or not? Quote Link to comment Share on other sites More sharing options...
braunshedd Posted July 27, 2011 Share Posted July 27, 2011 I believe it does, as sessions only apply to one domain. www.blah.com is considered a different domain than blah.com You could do a redirect to blah.com if a user types www.blah.com Hope this helps Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted July 27, 2011 Share Posted July 27, 2011 A) If possible, you should redirect all non- www. requests to www.domain.com (for consistency, SEO) B) See the domain parameter at this link - http://www.php.net/manual/en/function.session-set-cookie-params.php Quote Link to comment Share on other sites More sharing options...
beckerdt Posted July 27, 2011 Author Share Posted July 27, 2011 I got it to work!!! <?php $rootDomain = '.domain.com'; session_set_cookie_params( 3600, '/', $rootDomain, false, false); session_start(); if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 2700)) { // last request was more than 45 min ago if(isset($_SESSION['id'])){ $connection = mysql_connect('localhost', '******', '*******'); if (!$connection){ die('Database connection failed: ' . mysql_error()); } $db_select = mysql_select_db('******'); $query = "UPDATE users SET online='no' WHERE id='{$_SESSION['id']}' LIMIT 1"; mysql_query($query); } $_SESSION = array(); if(isset($_COOKIE[session_name()])) { setcookie(session_name(), '', time()-42000, '/'); } session_destroy(); // destroy session data in storage session_unset(); // unset $_SESSION variable for the runtime if(isset($connection)){ mysql_close($connection); } } $_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp ?> Quote Link to comment Share on other sites More sharing options...
beckerdt Posted July 27, 2011 Author Share Posted July 27, 2011 One last note to anyone that might want to use this code put your real domain where it says domain.com. DO NOT remove the leading period, it's important! Quote Link to comment Share on other sites More sharing options...
xyph Posted July 27, 2011 Share Posted July 27, 2011 That is, unless, you don't want your session to pass to subdomains. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.