Jump to content

Recommended Posts

I have recently changed server and setting things up are a right pain, after 2 days im need of some help.

 

I have my site split into sub domains so lets say;

 

www.domain.com

one.domain.com

two.domain.com

three.domain.com

 

They are to separate parts of my site which used to make it easier the manage each part, so one sub domain handles accounts and logins etc.. whilst another handles products and so on. the problem im having is all my login scripts and are on say 'one.domain.com', i can log in fine but when i visit any other domain im logged out, i can't seem to sort it out.

 

i have tried setting my session cookie path and session cookie domain by painstakingly adding

ini_set('session.save_path', '/var/www/vhosts/website.co.uk/httpdocs/tmp');
ini_set('session.cookie_domain', '.website.co.uk');

to every page, but it makes no difference, im also getting the occasional error

Warning: session_start() [function.session-start]: open(/tmp/sess_d387ha6eqvj53f135q0fh4d733, O_RDWR) failed: Permission denied 

 

I have contacted my server provider by after endless messages they are no longer helping but rather keep saying 'leave it with us' then 'we fixed it' although they didnt. It doesn't help im so limited in what i have access to, i cant access the php.ini so everything has to be done via php

 

So i would really appreciate any help getting this session problem sorted out.

 

Thank you.

Link to comment
https://forums.phpfreaks.com/topic/261971-session-problem-over-multiple-domains/
Share on other sites

This sounds like it's an issue with your hosting.

 

In all reality, I'd switch it to be all in one domain for SEO friendliness. Google considers each sub-domain as a different domain for the purposes of tracking, so by separating your site into separate sub-domains will affect your placement in searches.

 

If you don't care about SEO, it sounds like it will take finding someone at your hosting company that knows what they are doing.

I understand the search engine problem but it isn't really an option, my site has been set up like this for a while and changing it now would make all paperwork and existing users links etc.. invalid. We also have business cards which point to specific sub domains so i'm not too worried about search engines. thanks you though, im trying to get help from my host but its been a long wait and very little has been done.

When you do log in, what does the PHPSESSID cookie have for a domain setting when you look at the cookie in your browser?

 

Are you putting the ini_set() statements before the session_start() statement? Is the ini_set() statement enabled on your server?

 

You should be able to put php settings into a local php.ini (when php is running as a CGI application) or into a .htaccess file (on Apache when php is running as an Apache Module.)

 

What does a phpinfo statement show for the session.auto_start setting?

 

 

The cookie name is my website name without the www. (so domain.co.uk)

 

the top of my php pages looks like this

<?
ini_set('session.save_path', '/var/www/vhosts/xxxxx.co.uk/httpdocs/tmp');
ini_set('session.cookie_domain', '.xxxxx.co.uk');
session_start();

 

I dont have access to the php.ini which i was surprised about, they wont let me change anything, i tried adding it to my htaccess it just stopped me logging in at all.

 

session.auto_start = Off

 

session.cookie_path = /

 

Thank you

The cookie name is my website name without the www. (so domain.co.uk)

 

Use a tool that lets you see the raw headers. In Chrome, ctrl+shift+j will open the debug window, and under the Resources tab, there's a 'Cookie' option on the left. This gives details about the actual cookies being set. The 'domain' value is what PFMaBiSmAd wants to confirm. There may be cases where changing the value using ini_set doesn't actually change the behaviour.

Does the PHPSESSID cookie domain setting have the leading dot as part of it?

 

Is there more than one PHPSESSID cookie, for different variations of your domain, that are left over from previous testing? You may need to delete them all so that a new one that matches the current session.cookie settings will get created.

 

When you log in under one sub-domain, look at the value (content) in the PHPSESSID cookie, then navigate to a different sub-domain and check the PHPSESSID cookie value (content) again. Are those two values the same?

 

 

Is this the info you wanted? i had to download a addon for firefox to see it

 

name - PHPSESSID

host - .xxxxxxxxx.co.uk

content - 7qpi4boe4n5rf26hha1tqh45p5

path - /

 

and the host does have the . at the start. I deleted all other cookies, this is the only one i have from a fresh login attempt. I cant test it from another domain because i would need to shift a whole load of script about to do it, but if need to in order to find the problem i will?

I got a reply from my host, he said he new the problem and has to reset my sessions, needless to say that didn't do anything as i expected but he also said

I would suggest you set /tmp as the save session path this way it will correctly write to the servers /tmp folder ensuring permissions are consistent.

 

But im not sure what he means, how would i change this to make that change, anything i try give me 'ini_set() [function.ini-set]: SAFE MODE Restriction in effect', safe mode is off.

ini_set('session.save_path', '/var/www/vhosts/xxxx.co.uk/httpdocs/tmp');

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.