5

I'm working in a PHP project that uses subdomains, sessions and Ajax. But unfortunately I can't make it work! I'll try explain:

Let's assume that I'm at this domain: app.mysite.com/index.php

At this domain, I have a form that performs an Ajax request to mysite.com/functions/execute.php (without any subdomain)

In the first line of execute.php, I have a require_once that include a helper.php file. In this file I have put:

ini_set('session.cookie_domain',  '.mysite.com');
session_set_cookie_params(0, '/', '.mysite.com');
session_start();

All PHP files listed also include the helper.php.

If I for example run:

echo $_SESSION["myValue"];

At app.mysite.com/index.php or any other subdomain, like auth.mysite.com, I'll get the value: "test". But if I run the same code at execute.php, and return the value through Ajax I'll get undefined index!

What am I doing wrong?

Improve this question
3
  • stackoverflow.com/questions/14611545/… Commented Sep 28, 2016 at 3:37
  • These are possibly related. 1, 2, 3 Only "possibly" cause those are all 3+ year old questions so it's possible they don't work anymore. If you would, add your version of php to the question and, if one of these solves your problem, answer your own question or go leave a comment on those saying which solution is still good. Commented Sep 28, 2016 at 4:43
  • Thanks for the answers but, unfortunately I can't get the $_SESSION values using AJAX. If I open the URL requested on AJAX, at my Web Browser I can see the $_SESSION value. Only using AJAX that don't work! Commented Sep 28, 2016 at 23:06

3 Answers 3

Reset to default
3

I already figure out how to make this work. Ajax Post method do not send credentials header by default, so we need to enable manually:

$.ajax({
    method   : "POST",
    url      : "https://example.com/functions/execute.php", 
    data     : myData,
    xhrFields: { 
        withCredentials: true
    }
}).done(function(result) {
    alert("success"));
});

And in execute.php you need to put:

ini_set('session.cookie_domain',  '.example.com');
session_set_cookie_params(0, '/', '.example.com');
session_start();
header('Access-Control-Allow-Credentials: true');

And if you request this from a subdomain, also need to put at example.php:

header('Access-Control-Allow-Origin: http://app.example.com');
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

Please refer this link. I hope it's will help you.

Setting a cookie on a subdomain from an ajax request

I do not see SESSION vars when calling subdomain script with Jquery (ajax)

Thank You!

Improve this answer

Comments

1

If your project is web based application you can easily set cookie/session in all domain with a simple trick. Am sure this works for cookies but never tried with sessions. Lets do what Google is doing. Create a PHP file that sets the cookie on all 3 domains. Then on the domain where the theme is going to set, create a HTML file that would load the PHP file that sets cookie on the other 2 domains. Example:

<html>
   <head></head>
   <body>
      <p>Please wait.....</p>
      <img src="http://domain2.com/setcookie.php?theme=whateveryourthemehere" />
      <img src="http://domain3.com/setcookie.php?theme=whateveryourthemehere" />
   </body>
</html>

Keep those img elements hidden so that it will not show any broken image in the front end if page is visible to user.Then add an onload callback on body tag. The document will only load when the images completely load that is when cookies are set on the other 2 domains. Onload Callback :

<head>
   <script>
   function loadComplete(){
      window.location="http://domain1.com";//URL of domain1
   }
   </script>
</head>
<body onload="loadComplete()">

We set the cookies on the other domains using a PHP file like this(setcookie.php ) :

<?php
if(isset($_GET['theme'])){
   setcookie("theme", $_GET['theme'], time()+3600);
}
?>

Now cookies are set on the three domains:) and with web application you know how retrieve cookie:)

Ofcourse you may need to tweek in this code as per your requirements. But this this will definitely give you an idea to proceed

Hope this helps

Improve this answer

1 Comment

Thanks for the answer but didn't help me. What I was trying to do is use the same session between subdomains and root domain using Ajax, but I already figure out how to do it!

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.