php subdomain session sharing not working properly

Question

The site configuration is as follows:

testsite.co.kr: default site

login.testsite.co.kr: subdomain created for integrated login

100.testsite.co.kr: subdomain

200.testsite.co.kr: subdomain

session_test.php: content start ===========================

session_set_cookie_params(0, '/');
session_name("mysession");
session_cache_limiter("no-cache, must-revalidate");
ini_set("session.cookie_domain", ".testsite.co.kr");
session_start();
$_SESSION['userid'] = "kim";

session_test.php: content end ===========================

After placing and running session_test.php on the testsite.co.kr site, access to 100.testsite.co.kr or 200.testsite.co.kr, be logged in (can read $_SESSION['userid'])

After placing and running session_test.php on the login.testsite.co.kr site, access to 100.testsite.co.kr or 200.testsite.co.kr, not be logged in . (Cannot read $_SESSION['userid'])

Even when logging in at login.testsite.co.kr, is it not possible to log in to another subdomain (session sharing)?

How to log in to login.testsite.co.kr(subdomain) and be logged in state when accessing another subdomain?

please help me

Answer 1

** Note ** The OP is using PHP4.3 which is 13 years old and cannot satisfy modern browser requirements for cookie security.

Add the domain to your session_set_cookie_params in line 1

 session_set_cookie_params(0, '/', '.testsite.co.kr');

The params must be set before initializing the session.

This is all covered in the manual . It also says to keep the leading "." in the domain to allow subdomains to use the cookie.