如何在两个不同的域中共享PHP会话

Question

Well, here it goes.

My client recently buy an SSL Certificate for the domain1.net. Weeks later, he bought the domain1.com, which he thinks is better.

Now, he wants to use the domain1.com but I can't move the certificate from domain1.net to domain1.com because the time for this has expired.

So, the client navigate in domain1.com, and when he needs to login or put credit card information, I redirect to https://domain1.net . But I need to share the PHP $_SESSION between this 2 domains.

How can I do this? Any ideas? Thank's!

Answer 1

您可以将会话数据放入缓存，这两个域都应该可以访问该缓存（不确定幕后有多少服务器），然后在重定向发生后从缓存中检索会话数据。

Answer 2

You are pretty much out of luck with using $_SESSION functionality I would think. The problem being that you will not be able to pass the session id cookie between the two different domains (you could pass between two subdomains by controlling the cookies domain). You could try passing the session id in the query string, but who wants to do that.

You could implement you own backend logic to store information common to the two domains, but I would think this would require your own token system to authenticate users to your session id replacement when moving back and forth between domains.

Your best option is to tell your client he needs to buy a cert on the .com domain. Either that or he can pay you a significantly greater amount to build you own customized pseudo-session system.

Answer 3

You cannot do that, (thank God).

You have to find a other way to exchange data:

• Perhaps the 2 sites are on the same server, and can have access to a common directory. /tmp for example, thats where the default session files are also.
• If not on the same server, use ftp, http or another protocol to exchange the data.

Of course, the most easy solution is to buy a new certificate (for a few dollars a year its yours) and merge the sites together.

Answer 4

There is a long way here

Create a php file(share.php) as following in both domains, data is shared by this method

<?php session_start();
echo json_encode($_SESSION);
?>

Now create another file, better to use as include, on another domain for receiving session data

<?php session_start();
$abc = file_get_contents('http://domain1.com/share.php');
$obj = json_decode($abc);

print_r($obj);

?>

print_r will show you whole session data of another server in this way. Use combination of objects and arrays to access all elements. If you need to overwrite this server's session use this code instead of print_r

<?php

foreach($obj as $key => $value){
$_SESSION[$key] = $value;
}

?>

Answer 5

Do you need the session data or just some login information? In either case, you can serialize $_SESSION (http://php.net/manual/en/function.serialize.php) or store it however you want in a database. Add a primary key and a "secret" field which you can fill with rand(0,1000000000);

Then when you link to the website, pass the primary key and the secret number and use this to fetch the session information from the database.