Implementing a session with multiple domain names

Source: Internet
Author: User
To realize the multi-domain sharing session, the first step is to understand the session's operating mechanism. The basic concept I will not say.
This is how the session works:
User A accesses Site y, if site y executes session_start (), (the following assumes that Session_Start () always exists) then a session_id is generated, the session The ID is generally saved to user A in the form of a cookie (we can force the session ID to be passed in a cookie by setting the Session.use_only_cookies to 1 in php.ini. )。 The session ID is displayed as $_cookie[' Phpsessid ']; (Phpsessid can be modified with the Session_name () function)
User A then accesses, and the session ID ($_cookie[' phpsessid ') is routed to site Y each time a accesses Y.
On site Y, there is a directory that is used to hold the actual data of the session. Site Y receives the session ID, and then passes the session ID to get an association with the session data and returns the session data.

Perhaps smart you already think of, since the server side and the client session between a session ID to contact, and session data is stored in a normal file in a specific folder.
Then we need to implement a different domain name, only the following two conditions are met:

1) The session data directory of different domain names is unified together, or synchronized update.

2) for the same customer, use a unified session ID

The implementation of the first condition.
If it is the same server, you do not need to make any settings.
If it's clustered/distributed, then I don't think I need to. To be able to do distributed applications, the experience in directory sharing should be richer than mine. I also did not conduct too many server tests, the subjective and objective conditions of the reasons are.

I'm here to talk about the second condition--to make a different domain name, with a unified session ID.
So how do we unify?
The session ID must first be passed between different domain names, and since the cookie must be for the domain name, the delivery action is done by the client. If the delivery process is not done by the client, the accepted domain name does not know which customer is being targeted.

The second is to modify the session ID under the domain name that is being passed.

How to pass:
In HTML, we can use many different methods. For example
Iframe
<iframe src= "" ></iframe>
Or. js
<script type= "Text/javascript" src= "" ></script>
or an img HTML element

As long as you can call an address, it's OK.

In WML, because of the characteristics of WML script, we cannot use script in this form to invoke, and WML is not an IFRAME. But we can still use IMG to implement the delivery.

How to modify:
Since session ID is normally passed by COOKIE, we only need to pass $_cookie[' PHPSESSID '; But if PHPSESSID is changed by Session_name, we have to modify the PHPSESSID in Setcookie. It's going to get a lot of trouble. So we can choose a session-specific function session_id to modify $_cookie[' PHPSESSID ';

A few things to note:

If Session.use_only_cookies is 0 (php default), then the session ID may be passed as a URL or other form

session_id () and session_name must be used before session_start ()

Here is a simple class that implements a multi-domain name. If the above is not very clear, you can look at my multi-domain name class. This class is implemented in the form of an IFRAME under HTML.

/*

Use:
Server A, Server B, landed in A's index.php, set up a file to receive the session in B, such as ses_get.php
A index.php make the following changes
First add session_start ();
<body></body>, Anywhere write: Mdsession::_set (' b/ses_get.php ')
And ses_get.php in the beginning to write the Mdsession::_get ();
@ Author: surfchen@gmail.com http://www.surfchen.org/*/
<?phpclass mdsession{
function Mdsession ()
{

}function Set ($urls)
{if (!is_array ($urls))
{$urls =array ($urls);} foreach ($urls as $value)
{echo ' <span style= ' position:absolute;visibility:hidden ' ><iframe src= '. $value. '? '. session_id (). ' " ></iframe></span> ';} return true;} function Get ()
{session_id ($_server[' query_string '); session_start (); return true;} function _set ($urls)
{$obj =new mdsession (); return $obj->set ($urls);} function _get ()
{$obj =new mdsession (); return $obj->get ();}
}?>

index.php:

<?php

Include "mdsession.php";

Session_Start ();

$_session[' php ']= "YOGURT8";

Mdsession::_set (' http://www.b.com/ses_get.php ');

Var_dump ($_session);

?>

ses_get.php

<?php

Include "mdsession.php";

Mdsession::_get ();

?>

b.php:

Session_Start ();

Var_dump ($_session);

Visit http://www.a.com/a.php First and then look at the http://www.b.com/b.php effect

In Firefox and Google browser is not a problem, but under Ie or not

  • Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.