PHP cross-domain, cross-subdomain, cross-Server Read Session method introduction

Ini_set (' Session.cookie_path ', '/'); Ini_set (' Session.cookie_domain ', '. mydomain.com '); Ini_set (' Session.cookie_lifetime ', ' 1800 '); Copy Code 2. Set in php.ini Session.cookie_path =/ Session.cookie_domain =. mydomain.com Session.cookie_lifetime = 1800 Copy Code 3, in the beginning of the PHP page (condition same as 1) Call function Session_set_cookie_params (1800, '/', '. mydomain.com '); Copy Code These three ways are the same effect. Here I use the first method set, respectively in www.mydomain.com and sub.mydomain.com two domain name to test. sub1.php First visit the page to do the setup Ini_set (' Session.cookie_path ', '/'); Ini_set (' Session.cookie_domain ', '. mydomain.com '); Ini_set (' Session.cookie_lifetime ', ' 1800 '); // Session_set_cookie_params (1800, '/', '. mydomain.com '); Session_Start (); $_session[' sub1 '] = ' sub1 '; Print_r ($_session); ?> Copy Code sub2.php Session_set_cookie_params (1800, '/', '. mydomain.com '); Session_Start (); $_session[' sub2 '] = ' sub2 '; Print_r ($_session); ?> Copy Code Access Order: (1) www.mydomain.com/sub1.php page output: Array ([sub1] = sub1) (2) sub.mydomain.com/sub2.php page output: Array ([sub1] = sub1 [SUB2] = sub2) Success The second target implementation can use the database to save session data, so that each server can easily access the same data source, get the same session data, or through file sharing, such as NFS Way (My other articles have how to configure NFS) if you use the database to store SESSION data, there may be a legacy problem, that is, if the site is a large number of visits, session read and write will be frequently on the database operation, you can put this in memcache. stored in the database in front of the article has been implemented. The idea of combining databases with Memcache is in front of them. If it is not very good to store the session alone with Memcache, it is best to combine with the database. 2) Cross-domain solution: The IFRAME is resolved, but FF is not supported, so you need to precede the P3P protocol. P3P (Platform for Privacy Preferences Project), is a protocol that declares it to be a good person, allowing the collection of browser user behavior. But in reality, everyone can say that they are good people, secretly maybe do what bad things. This is where the differences lie. [Reference] Most of the domestic sites, are not concerned about this P3P. Privacy issues may not be valued abroad (Microsoft's privacy statement). The first thought is to operate cookies through JS and let two different domains of cookies can access each other, so that can achieve the above effect. The following is the implementation of the process, in two steps: 1, after a system successful login, using JS dynamic creation of a hidden iframe, through the SRC attribute of the IFRAME as a get parameter is redirected to the b.jsp page under the B system; var _frm = document.createelement ("iframe"); _frm.style.display= "None"; _FRM.SRC = "http://bbs.it-home.org/setcookie.php?mycookie=xxxxx";//here XXX Best code Document.body.appendChild (_FRM); Copy Code 2, in the setcookie.php page of the B system to obtain the value of the cookie passed in a system, and the obtained value is written to the user's cookie, of course, the domain is their own, so that the simple implementation of the cookie cross-domain access; But there is one problem to be aware of, is in IE browser such operation can not succeed, need to set the P3P HTTP header in the setocokie.php page can be solved (detailed information can refer to: http://www.w3.org/P3P/), P3P Setup code: Header (' p3p:cp= ' CURa ADMa DEVa Psao psdo our BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR "');//ecshop so set Copy Code

