PHP在不同域名之间传递会话数据
[英]PHP passing session data between different domain names
问题描述
我在同一台服务器上有2个域名但想要使用会话变量传递一些数据怎么做?
2 个解决方案
解决方案1
2 2010-09-24 19:14:15
You can do something like this: 
你可以这样做:
$name = session_name("name");
session_set_cookie_params(0, '/', 'domain.com');
session_start();
See session_set_cookie_params for more info. 有关详细信息,请参阅session_set_cookie_params 。
解决方案2
2 2010-09-24 19:16:22
Assuming you mean domains to be something.com and someothersite.com , then configure the two sites to use the same directory for their session files ( /tmp ?), then just tack on the session ID to the links between the site: 假设您的域名是something.com和someothersite.com ,那么将两个站点配置为使用相同的目录作为其会话文件( /tmp ?),然后将会话ID添加到站点之间的链接:
http://something.com?sessionID=session_id_from_someothersite.com
http://someothersite.com?sessionID=session_id_from_something.com
then have your session handling code in each check for that parameter and load it up. 然后让你的会话处理代码在每个检查该参数并加载它。
However, passing the session IDs around in plaintext URLs is highly insecure. 但是,在纯文本URL中传递会话ID是非常不安全的。 This is how session fixation attacks become trivial. 这就是会话固定攻击变得微不足道的原因。 A slightly more secure method would be to use a POST form on each server to "log into" the other domain and pass the session ID as a parameter. 稍微更安全的方法是在每个服务器上使用POST表单“登录”另一个域并将会话ID作为参数传递。 Or better yet, pass an encrypted one-time-usage token instead of the session ID. 或者更好的是,传递加密的一次性使用令牌而不是会话ID。
If you're serving them as seperate sub-domains of the same parent domain ( siteA.example.com and siteB.example.com ), simply configure both to set their session cookies on example.com and it'll be shared between the two sites. 如果您将它们作为同一父域( siteA.example.com和siteB.example.com )的单独子域提供服务,只需将它们配置为在example.com上设置其会话cookie,它们将在两个网站。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.