Problem in maintaining session between two different domains on a website done in CakePHP [Closed]

Question

Well as I have posted earlier too...I have created a site in two languages. One with URL www.mainDomain.com (English) and other with www.fr.subDomain.com (French).

Both are done in CakePHP,in french I have just changed the views of it to French. But the problem is, when anybody login's in English version and then switches to the French version, the session doesn't recognizes it and ask for login again. It has become to be the biggest bug in the Web application which I have done till far.

For that, as Swanny told me to go through a link and I did it on my application as it was said on the link.Apparently,it worked for login which shared session between two domains(main domain and it's subdomain). But when I checked it thoroughly, I recognized that both the sites are throwing the latest NEWS from Database, both data are different. Just to check if I was wrong I changed the some save variable to database in session array. But now it refused to remember anything (session). Could anyone suggest me what could be problem with this and how can I resolve this...???

Thanks in advance

Answer 1

I'm not sure I completely understand, but I'm gonna try. I think this is about a PHP setting called session.cookie_domain.

Assuming your websites have the following URLs:

• http://www.example.org/
• http://fr.example.org/
• http://de.example.org/

The setting you want is: .example.org.

You can adjust this in php.ini, a .htaccess file or even in PHP itself:

<?php ini_set('session.cookie_domain', '.example.org'); ?>

If your websites run on two completely different domains, e.g.:

• http://example1.org/
• http://example2.org/

... then there is no way to share the cookie between these two different domains.

Answer 2

If you have two different domains, I would suggest the following:

On "www.mainDomain.com", put a link to the "www.fr.subDomain.com" site and pass the cookie in your view file:

$session_cookie = $_COOKIE[Configure::read('Session.cookie')];
echo $html->link('See French Site', 'http://www.fr.subDomain.com/?session_key='.$session_cookie);

Then on the french site add a bit of code to mimic the cookies in the app_controller.php > beforeFilter().

function beforeFilter() {
    if(!empty($this->params['url']['session_key']) {
  // Setup variables here...
  setcookie(Configure::read('Session.cookie'), $session_cookie, time()+360000, '/', $domain);
  // You could use CAKE's setcookie command here.
 }
}

Now that the cookies match up, you will have to either use database sessions or the cake file based sessions. Read the instructions in core.php to set those up.

This should allow you to basically share the same session over various sites. I'm actually in the middle of implementing ACL over multiple sites with a single login. It can get to be a bit tricky, but just do it step by step, you'll do fine. Also don't be afraid to jump into the Cake core code to see how it works.

Answer 3

@dooltaz That is a great solution. Be issue is that cake seems to be setting the cookie after me. What I did instead is send the user ro a redirect method and then move the cookie setting to the afterFilter

    function afterFilter() {
 if (!empty($this->params['url']['session_key'])) {
  // Setup variables here...
  setcookie(Configure::read('Session.cookie'), $this->params['url']['session_key'], time()+360000, '/');
  // Cakes cookie method will put your cookie name in [] so it does not work.
 }
}

(Also fixed typo in your code..)