Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

PHP Sessions across subpages of same domain

Tags:

php

session

I have one domain (domain.com) with multiple sub-pages that have different sessions (by default) and I want some of those sub-pages to share a session.

So for example I have domain.com/section1/staff/ and domain.com/section2/staff/. I am using the $_SESSION variable to store info on the currently logged in user and I want to be able to log in once in section1/staff/ and still be logged in when I go to section2/staff/.

From reading other postings it seems like this is the default way that sessions should work and in both pages the domain isn't set and the path is "/" in session_get_cookie_params() so it should be the same session but it's not sharing the $_SESSION variable and even when I call session_destroy() it doesn't destroy the other session.

Is there a way to explicitly set them to use the same (or another place to look for default settings that wouldn't show up in the session_get_cookie_params() array)?

like image 614
Mike Avatar asked Oct 07 '22 01:10

Mike

1 Answers

By default PHP will use the same session for all scripts on the same domain. Watch out for bouncing between domain.com and www.domain.com as they may not have the same session.

Instead of creating completely separate sessions for each section, why not use a single global session for the user and section that off? There is no reason $_SESSION can't be a multi-dimensional array.

//// things needed in multiple sections could go into a common grouping:
$_SESSION['common']['user'] = 'josh';
$_SESSION['common']['privileges']['section_access'] = array( 'section1'=>"yes", 'section2'=>"no", 'section5'=>"security-prompt" );

//// while things that were section specific could be grouped by section:
$_SESSION['section1']['agreed_to_terms'] = true;

//// you could also group by logical functionality:
$_SESSION['staff']['badge_no'] = 44815;

Using this kind of structure, you would have all the information available to you in each script, but only use the parts you need.

Also, this saves you the headache of juggling session_name() and other tricky bits in your logic. Plus, this solves the problem of how to share some bits of information (such as current user) between sessions.

like image 189
Steve Avatar answered Oct 13 '22 10:10

Steve
Sign in to Comment

Related questions

"Connection refused" error on socket_connect in php
analytics tracking with php website
Is there a way in PHP to capture ALL the information passed using the POST method
Symfony 2 Dependency Injection & autowiring
PHP signup form validation
Doctrine 2 - getSQL from $em->find()
PHP/MySQL - Allowing users to create custom form fields for CMS
MySQL Database I18N, a JSON approach?
Yii basic read and write file helper
PHP. Named groups in the replacement string
Insert in mysql from php saves a date field as 00:00:00 instead of NULL
Avoiding 500 line limit exceeded error while sending emails
Same name for form fields & database table fields?
PHP/MYSQL how to get last_insert_id in transaction
Change input text value in before submitting form
How to install gmp extension for php 7.2 using MAMP on OSX
Laravel Fatal Error Class Not Found when migrating
Laravel deployment... there is a standard way?
file_get_contents receive cookies
Check if a value exits in array (Laravel or Php)

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!