在 php 中的子域上共享会话 [英] Share session on subdomains in php
问题描述
我在两个子域之间共享会话时遇到问题,我在这里和其他地方阅读了很多主题.
I have a problem sharing the session between two subdomains, and I've read a lot of threads here and other places.
我有 www.xx.com 和 sub.xx.com 并且我已经设置了
I have www.xx.com and sub.xx.com and I've set
session_name("PHPSESSXX");
session_set_cookie_params(0, '/', '.xx.com');
并且 session.save_path 在两个域上是相同的.
and the session.save_path is the same on both domains.
我在两个域上都有一个名为 PHPSESSXX 的 cookie,它具有相同的值.
I get a cookie called PHPSESSXX on both domains, and it has the same value.
当我登录 www.xx.com 时,我会收到一个会话,其中包含一些详细信息,并且在我转到 sub.xx.com 之前一直保持这种状态.然后 sub.xx.com 上的会话是空的,如果我刷新 www.xx.com,那里的会话也消失了.所以它做了一些事情,但似乎每次我访问不同的子域时都会覆盖会话数据.
When I log on to www.xx.com I get a session with some details in it, and it stays that way until I go to sub.xx.com. Then the session on sub.xx.com is empty, and if I refresh www.xx.com, the session there is gone as well. So it does something, but it seems to be overwriting the session data each time I visit a different subdomain.
任何人有任何想法吗?- 我可以以某种方式调试它吗?
Any ideas anyone? - Can i debug this somehow?
顺便说一句:我在两个域上都使用 ssl.
Btw: I'm using ssl on both domains.
干杯
推荐答案
我的解决方案是在 .htaccess
中设置一个标志,如下所示:
My solution was to set a flag in .htaccess
like this:
php_flag "suhosin.session.cryptdocroot" 0
它现在完美运行;o)
问题是系统上安装了Suhosin,和ini变量
The problem was that Suhosin was installed on the system, and the ini variable
suhosin.session.cryptdocroot = On
以这样一种方式加密会话文件,当另一个子域试图更改会话时,出于安全原因,它会删除所有内容.
encrypted the session files in such a way, that when a different subdomain tried to change the session, it deleted everything for security reasons.
在 ini 文件中将变量设置为 Off 或 [nothing] 对我不起作用,尽管我可能没有找到正确的文件.
It didn't work for me to set the variable to Off or [nothing] in the ini-file, though maybe I didn't find the right file.
我也尝试在 PHP 中设置它,但没有任何运气.像这样:
I also tried setting it in PHP without any luck. Like this:
ini_set('suhosin.session.cryptdocroot', 0)
干杯
这篇关于在 php 中的子域上共享会话的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!