I would like to share a cookie across 2 domains as my mobile site runns on a subdomain.
production server:
www.server.com
m.server.com
development server:
rabbit.server
rabbit.m.server
My PHP-code to set the cookie looks like this:
if ($settings['development'] == true) // intranet does not work with subdomains :-(
setcookie($cookiename,$sessid, $expires,'/','',0);
else // production
setcookie($cookiename,$sessid, $expires,'/', $subdomain.'.'.$domain['name'],0);
How could I share this cookie across the 2 domains in order to have the client loged in on both sites?
Is this what you mean?
"To make the cookie available to the whole domain (including all subdomains of it), simply set the value to the domain name ('example.com', in this case)."
http://php.net/manual/en/function.setcookie.php
You dont have to explicitly define the sub-domain:
setcookie('cookiename','cookievalue',time()+(3600*24),'/');
Place cookie in root and it would be accessible every where.
So basically '/' defines that it can be accessed in all the folders.
Well, there's two ways of doing this.
You can either set the cookie on the whole domain, which will allow you to access it from any subdomain, or if you wish to only allow certain subdomains then you'll have to create two cookies, one for each.
You can't have one single cookie for two different subdomains only, you can enable it on the whole domain, or you can have multiple cookies, one for each subdomain.
Code-wise you have to change
setcookie($cookiename,$sessid, $expires,'/', $subdomain.'.'.$domain['name'],0);
to
setcookie($cookiename,$sessid, $expires,'/','.'.$domain['name'],0);
Related
I have two domains that I want to communicate. I want the first domain to set a cookie in the second domain telling the second domain that the current user is known to the first domain. I understand that I cannot read cookies for another domain, but given that I have access to both, is there a way to accomplish this?
Both domains are implemented in PHP. One is a Drupal site and the other a WordPress site.
Server can't read cookie for another domain but, you can add cookie for another domain. When adding cookies, you should add double cookie. First your normal cookie and second for another domain. Both values are the same.
I own a lot of subdomains, but only the main domain have SSL. On each subdomain there is a different website, and all are using the same CMS system, the same files and hosting (basicly it is redirects to the main domain and using PHP I show the site they want to see). I have one SSL to my main domain only. It won't work on subdomains obviously. So I thought to submit the form to the main domain from the subdomain using AJAX, but I guess it isn't safe, so I decided that I should use:
<iframe src="https://main.com/login.php?webid=958325&pageid=83985&hash=hjWR23grvw$%F$W"></iframe>
but the problem is the cookies. How can I create a cookie that will work on all subdomains, the main domain, and if it is possible, to some specific urls (that works the same way, but domain and not subdomain).
http://php.net/setcookie
The fifth and sixth parameter might interest you, which are respectively:
(5th) domain
(6th) secure
For example:
// This cookie will only be set to domain.com/folder if a secure connection exists and will expire once the browser closes.
setcookie('cookie', $variable, 0, 'folder/', 'domain.com', true);
To have cookie working on all subdomains you need to set cookie to .example.com but it wont work on example.com, so you may need to set two cookies.
I have a cookie
cookie_name : debug_flag
cookie_value: 1
cookie_domain : localhost
I have 2 sites with diffrent domain:
www.aaa.com
www.bbb.com
I want to get the common cookie (debug_flag) in these sites using php.
how can I get it?
<?php
// how to get debug cookie ....
if($debug_flag){
echo 'yes'
}
?>
You can not. Cookies are used inside domain only (2-nd level domain) and can not be passed natively (i.e. via cookie logic in browser) from one domain to another. You have to pass your variable via another way, such as GET, for example. Another way is to make your sites (I assume they are both yours) as a subdomains for common domain, i.e.
aaa.domain.com
bbb.domain.com
-then you will be able to access cookies from one site to another.
Cookie are used per domain for security reason - so to be sure that one site will never access to cookies of another.
I have a website with two domain names which shows the same content from both domain names and it is also correct for sub-domain, but the problem is when I set a cookie for this website which is used in its sub-domain websites.
The cookie is being set only to one domain name, not for both.
What is the problem?
As you must know, a cookie can only be set for a domain from that domain (including its subdomains). And if your domains do not share a common superdomain, you need set each cookie for each domain separately.
You can do this with a script that on each domain that sets the cookie for you. But make sure to authenticate requests to these scripts so that only you can set the cookies.
Refer link
You can setup an API on a common domain to set cookies for all domains which want to access said cookie info. The common domain cookie would have namespace keys representing the domains, etc. and would do all the cookie reading/writing. Use XHR to access the common domain with params you wish to be placed into the common cookie. Just keep in mind Safari disables 3rd party cookies by default.
You cannot share cookies between two different domains, even if you own both of them.
SO has some posts regarding cross domain cookies, and other possible solutions:
Cross domain cookies
Cross-Domain Cookies
Cookies are not designed to be accessible for other domains
But there is always a workaround ;)
There are to method to achieve this
including 2 hidden iframes from different domains to set cookies with same value.
Ex. http://productforums.google.com/forum/#!topic/websiteoptimizer/aD4rZSoaKNo
using master and slave domain configuration
Example:
https://developers.google.com/analytics/devguides/collection/gajs/gaTrackingSite
http://www.codeguru.com/csharp/csharp/cs_internet/article.php/c19417/Sharing-Cookies-Across-Domains.htm
I have a website with multiple subdomains, which share a unique PHP session cookie to identify each user. I did this by simply adding session.cookie_domain = '.mydomain.com', however I'm wondering if it's possible to specify more than one subdomain, so that cookies will only get sent to, for example, www.mydomain.com and user.mydomain.com but won't in images.mydomain.com.
Would this be possible?
No, those would have to be 2 separate cookies.
You would have to create a sub-domain like sub.mydomain.com, have hosts like www.sub.mydomain.com etc., and set cookies for .sub.mydomain.com if you wanted to isolate cookies in that way...
for future users, actually you can just rename the cookie id and you can have specific cookie for that subdomain