PHP cross-domain, cross-subdomain, cross-Server Read Session method introduction

Source: Internet
Author: User
Tags subdomain
    1. Ini_set (' Session.cookie_path ', '/');
    2. Ini_set (' Session.cookie_domain ', '. mydomain.com ');
    3. Ini_set (' Session.cookie_lifetime ', ' 1800 ');
Copy Code

2. Set in php.ini

    1. Session.cookie_path =/

    2. Session.cookie_domain =. mydomain.com

    3. Session.cookie_lifetime = 1800

Copy Code

3, in the beginning of the PHP page (condition same as 1) Call function

    1. Session_set_cookie_params (1800, '/', '. mydomain.com ');
Copy Code

These three ways are the same effect.

Here I use the first method set, respectively in www.mydomain.com and sub.mydomain.com two domain name to test. sub1.php

    1. First visit the page to do the setup

    2. Ini_set (' Session.cookie_path ', '/');
    3. Ini_set (' Session.cookie_domain ', '. mydomain.com ');
    4. Ini_set (' Session.cookie_lifetime ', ' 1800 ');

    5. //

    6. Session_set_cookie_params (1800, '/', '. mydomain.com ');
    7. Session_Start ();
    8. $_session[' sub1 '] = ' sub1 ';
    9. Print_r ($_session);
    10. ?>

Copy Code

sub2.php

    1. Session_set_cookie_params (1800, '/', '. mydomain.com ');
    2. Session_Start ();
    3. $_session[' sub2 '] = ' sub2 ';
    4. Print_r ($_session);
    5. ?>
Copy Code

Access Order: (1) www.mydomain.com/sub1.php page output: Array ([sub1] = sub1)

(2) sub.mydomain.com/sub2.php page output: Array ([sub1] = sub1 [SUB2] = sub2)

Success

The second target implementation can use the database to save session data, so that each server can easily access the same data source, get the same session data, or through file sharing, such as NFS Way (My other articles have how to configure NFS) if you use the database to store SESSION data, there may be a legacy problem, that is, if the site is a large number of visits, session read and write will be frequently on the database operation, you can put this in memcache. stored in the database in front of the article has been implemented. The idea of combining databases with Memcache is in front of them. If it is not very good to store the session alone with Memcache, it is best to combine with the database.

2) Cross-domain solution: The IFRAME is resolved, but FF is not supported, so you need to precede the P3P protocol.

P3P (Platform for Privacy Preferences Project), is a protocol that declares it to be a good person, allowing the collection of browser user behavior. But in reality, everyone can say that they are good people, secretly maybe do what bad things. This is where the differences lie. [Reference] Most of the domestic sites, are not concerned about this P3P. Privacy issues may not be valued abroad (Microsoft's privacy statement).

The first thought is to operate cookies through JS and let two different domains of cookies can access each other, so that can achieve the above effect.

The following is the implementation of the process, in two steps: 1, after a system successful login, using JS dynamic creation of a hidden iframe, through the SRC attribute of the IFRAME as a get parameter is redirected to the b.jsp page under the B system;

    1. var _frm = document.createelement ("iframe");
    2. _frm.style.display= "None";
    3. _FRM.SRC = "http://bbs.it-home.org/setcookie.php?mycookie=xxxxx";//here XXX Best code
    4. Document.body.appendChild (_FRM);
Copy Code

2, in the setcookie.php page of the B system to obtain the value of the cookie passed in a system, and the obtained value is written to the user's cookie, of course, the domain is their own, so that the simple implementation of the cookie cross-domain access; But there is one problem to be aware of, is in IE browser such operation can not succeed, need to set the P3P HTTP header in the setocokie.php page can be solved (detailed information can refer to: http://www.w3.org/P3P/), P3P Setup code:

    1. Header (' p3p:cp= ' CURa ADMa DEVa Psao psdo our BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR "');//ecshop so set
Copy Code
  • Related Article

    Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.