How can I manage separate session states for two different websites on the same hosting using php

Question

I am currently developing two web sites, and debugging them by connecting to localhost .

The first site is referenced with http://localhost/web1 and the second is referenced with http://localhost/web2 .

I have created a login script for each in which three domain-specific session variables are set, eg:

1. $_SESSION['web1_user']
2. $_SESSION['web1_login']
3. $_SESSION['web1_sessionID']

However, when I log in to both sites on the same browser , then log out of one site (which fires session_destroy() , I am automatically logged out of the second site as well.

Any ideas as to how I might resolve this problem would be very much appreciated. :(

Answer 1

Ahhh, the pleasures of shared hosting! The best thing to do is simply use a different browser for each site whenever you actually require being logged in to both sites simultaneously...

To explain why this is important, you must understand the following, however:

Session variables are stored on the server, with a keyed reference on the server and a cookie on your browser. Once you unset and destroy either of the two, a match can no longer be made - and your session is gone!

session_start();
session_unset();
session_destroy(); 

The above will kill all session variables linking the server to your browser (on the server side).

The way to manage this easily is to make session variables into another set of arrays:

$_SESSION["site1"] = array( $user_id, $session_id );
$_SESSION["site2"] = array( $user_id, $session_id );

You could of course make it fancy:

$_SESSION['site3']['userID']    = 'someuserid';
$_SESSION['site3']['sessionid'] = 'somesessionid';

Then when you logout from site 1

session_start();
unset($_SESSION['site1']);

In this case, you have created a separate session management system for each site (using a two-dimensional array, the top layer of which is keyed by your site's identifier). This makes it so that each site manages a separate set of session variables - and when you destroy one, you do not touch the others.

However, I realllllllllly recommend using different browsers instead (or in addition)...

Answer 2

I recently solved a problem which is related to your question. Originally, I was looking for an implementation similar to what you are describing, and after doing quite a bit of searching around - this is what I came up with:

Site 1 :

ini_set("session.cookie_domain", "yourdomainname");
$some_name = session_name("some_name");
$domain = 'your domain name';
session_set_cookie_params(0, "/", $domain);
session_start();
$_SESSION['user']=$_POST['user'];
$_SESSION['password']=$_POST['password'];

Site 2 :

$some_name = session_name("some_name");
ini_set('session.cookie_domain', 'yourdomainname');
session_start();
echo $_SESSION['user'];
echo $_SESSION['password'];

This change worked well for me - and my guess is that it will also help you.

Answer 3

Use

session_name('web1');

before session_start();

Answer 4

通过session_name()或session.name在每个应用程序中设置不同的会话名称。

Answer 5

你可以用它

ini_set("session.cookie_domain", ".example.com"); 

Answer 6

You need to make a different host for different site

in this case you have two site running on same host called localhost so for same host name sessions are shared.

Answer 7

Include the file with the session start in the second domain.

web1 contains the session start file, web2 include('../web1/session.php');

Answer 8

You can use different session name in all website like for first website you have used $_SESSION['web1_user'], $_SESSION['web1_login'], $_SESSION['web1_sessionID'] then second website you can use $_SESSION['web2_user']

I have already face this problem and solved it using different name of session.

Answer 9

Bez sessions are shared in the same browser, so if you logout from one tab, the other tabs will be logged out,

Example: I login in Chrome, and I open in another Chrome, the Sessions are shared, so if i logout from one, the other one gets logged out automatically!