The directive session.cookie_domain has been set to .test.site.com on my server.
I'm using the following code to pass the session from 3rd level domain to 2nd level domain (ie, from test.site.com to site.com
$site = session_name("site");
session_set_cookie_params(0, '/', '.test.site.com');
if(!isset($_SESSION)) {
session_start();
}
but sessions aren't being passed from test.site.com to site.com
Any idea?
Use:
session_set_cookie_params(0, '/', '.site.com');
This way the domain and all subdomains will have access to the session.
I don't know whether it's possible to limit it to the domain and one subdomain.
I'm very familiar with
$site = session_name("site");
session_set_cookie_params(0, '/', '.site.com');
if(!isset($_SESSION)) {
session_start();
}
but not
$site = session_name("site");
session_set_cookie_params(0, '/', '.test.site.com');
if(!isset($_SESSION)) {
session_start();
}
When it's about to pass sessions across the upper & lower level domains.
Lesson to learn: session.cookie_domain should be set to the lowest possible common level that is 2nd level (.site.com) in order to pass the sessions across all other upper levels including site.comitself.