Sessions not passing if 'www' prefix is missing

Forum Moderators: coopster

Message Too Old, No Replies

Sessions not passing if 'www' prefix is missing

Is this normal behavior?

Aleister

1:08 am on Aug 10, 2006 (gmt 0)

A couple of my PHP scripts use an image verification system. It works by generating a random code, sticking it in a session, and showing the verification file (which returns an image using the number from the session) - fairly straightforward and works pretty well for the most part.

Now say you open the page with the script in your browser:

http://example.com/script.php

But in the script, it includes the verification file like this:

http://www.example.com/script-verify.php

The verification script will not work, because it does not see the session. I know of course that sessions will not work across domains, but is this a standard issue? for sessions to not work across URLS having/not-having the www prefix?

The script can always just be modified depending on the situation, but I just wanted to see if this was a known issue I had not heard about :) I did not see any information on it anywhere, and it just seems to odd to be standard behavior. Thanks for any info :)

smatts9

2:11 am on Aug 10, 2006 (gmt 0)

When you use setcookie be sure to include the ".url.com" part so it covers the entire domain including the www.


setcookie("cookie", $var, time()+3600, "/", ".url.com");

Aleister

4:12 am on Aug 10, 2006 (gmt 0)

I was actually not even using any cookie functions. Just the $_SESSION superglobal (and session_start of course).

[edited by: Aleister at 4:14 am (utc) on Aug. 10, 2006]

smatts9

5:11 am on Aug 10, 2006 (gmt 0)

I've always used cookies, work like a charm.

coopster

3:23 pm on Aug 21, 2006 (gmt 0)

SESSION uses cookies if possible, so yes, it will indeed set a cookie. Have a look at the setcookie() [php.net] function for more discussion and understanding of cookies and accessibility within a domain.