I have several websites in one domain (virtual host): website.com/site1
, website.com/site2
etc. On each site there is a authentification, which saves the username
in Session
.
The problem is: If I'm on site1
, and, let's say, Alex accecced to site2
from my browser, site1 would think that I'm Alex. And if I do something, Alex will be written in the DB.
One solution, is to check whether the Session
and the username
is the same on each action.
Is there a solution to set different $_SESSION['name']
for site1
and site2
, using the same $_SESSION['name']
variable?
I have a lazy solution if it could work for you that.
In
When you start a session that means you do some functionalities and then store it in database like
//SQL things and finally
$_SESSION['username'] = $username;
you can do this
$_SESSION['site1-username'] = $username;
Similarly in other site
$_SESSION['site2-username'] = $username;
The better solution is found:
JS each 5 seconds sends to he server the username. Server checks if it's equal to Session. If not, the user is asked for authentification.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.