Jump to content

Does session stacks?

KaiSheng

By KaiSheng
in PHP Coding Help

 Share
Go to solution Solved by .josh,

Recommended Posts

KaiSheng Newbie

KaiSheng

Posted
Posted

Hi all, while doing on 2 projects, i came across this issue.

It is a localhost project.

I have logged into the site of my first project as a member.

The second project also auto logs in too at the same time.

It's both on the same internet in tabs.

Anyone can explain how did this happen?

Is it only applicable to localhost or what?

My projects are both different database.

 

----

For example,

if i log in to facebook, my twitter doesn't logs in as well.

If i log out of facebook, my twitter doesn't log out too.

 

Hope someone understands what i'm saying.

 

Link to comment
Share on other sites
kicken Prolific Member

kicken

Posted
Posted

The cookies used to track sessions are based on the hostname of the site. if both of your projects are using localhost but just with separate folders, then they will share cookies. You could mitigate this by setting the path for the cookies to the path of your project, but a better solution is to use different hostnames for your projects. Setup two separate virtual hosts in apache under different names and edit your systems hosts file to point those names to 127.0.0.1

Link to comment
Share on other sites
  • Solution
.josh Advanced Member

.josh

Posted
  • Solution
Posted

A php session has nothing to do with the database, unless you specifically write php script to store session variables and/or id. The session will apply to any browser tab that has the same domain. In your situation, "localhost" is the domain. But the same would hold true if both your projects were on the same www.mysite.com. But this is as far as sharing the same session id and shared access to session variables. The 2ndary reason you wind up being logged in to both your projects, is because both your projects must share the same login logic and variable naming conventions. For example, even with a shared session id, if projectA looked for $isLoggedIn and projectB looked for $loggedIn, well those are separate vars. So you must be using the same code for both projects (which isn't uncommon).

 

If you want to restrict your projects to certain subdomain(s) and/or path(s), you can use session_set_cookie_params or add extra logic to your login status to check for a specific namespaced var or value that is unique to each project.

 

Also, same principle.. logging in/out of facebook doesn't log you in/out of twitter because they are on different domains. Even if they happen to share the exact same login code (which is extremely unlikely), they are still on different domains.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.