Forum Moderators: open
Another reason for wanting to do this is that I also want to avoid duplicate accounts or forcing the client to go through two separate sign-up processes.
Is this possible?
The key is to use a single database (or maybe a text-file) for both sites. Your signup process (on either site) writes the information into the one table, and then the client can log in from either site using their information.
You could then set cookies to keep them logged in - so effectively they only have to log in once on each site. (This, however, could lead to security issues.)
If both your sites are hosted on the same server, then this suggestion should not be a problem. If they are hosted on separate servers, then you'll have to have one server which holds the database, and then the secondary server will have to poll the database remotely for the information.
HTH,
JP
If you want to have one universal login page for all of the sites, just make them chose one of the sites(with a radio button) and then redirect them after authetication.
Makes sense? I don't know. ;)
I hope I answered your question.
//ZS
My user authentication sets certain session and client-side variables up when they log in.
My dilema is that I can't envision a way to do this because I'm under the impression that you cannot share cookies or session varibles between two seperate sites.
One solution to the security issue this involves could be dedicating a field in the table for a one-time-checksum.
An impossible to guess, random number you create and store in the DB every time someone successfully logs in on the universal page. Pass that checksum and the userid to the page on the other server and verify it. If it's a match, consider it to be a valid login and set the cookie. After use, reset the checksum.
