On Sat, Dec 8, 2012 at 12:10 PM, Jim Giner <jim.giner@xxxxxxxxxxxxxxxxxx>wrote:
> On 12/8/2012 11:41 AM, Jim Giner wrote:
>
>> On 12/8/2012 11:04 AM, Daniel Brown wrote:
>>
>>> You can pass the session ID and reactivate the session that way,
>>> sure. Not pretty, and it does lead to security considerations, but it
>>> would work.
>>>
>>> OK - I've done this in script 1:
>>
>> if (isset($_REQUEST['sess']))
>> $sess_id = $_REQUEST['sess'];
>> else
>> $sess_id = '';
>> if ($sess_id > '')
>> {
>> session_start($sess_id);
>> $errmsg .= "started sess id is: $sess_id ";
>> }
>> else
>> {
>> session_start();
>> $errmsg .= "started new sess ";
>> }
>>
>>
>> Then my process creates a Session array and calls script 2
>> In script 2 I have:
>>
>> if (isset($_GET['sess']) && $_GET['sess'] <> '')
>> {
>> $sess_id = $_GET['sess'];
>> session_start($sess_id);
>> $errmsg .= "started sess $sess_id ";
>> }
>> else
>> {
>> session_start();
>> $sess_id = session_id();
>> $errmsg = "started NEW sess with id of $sess_id ";
>> }
>>
>> My $errmsg shows me the same sess id in both scripts, and it would
>> appear that I have managed to pass my session across the sub-domains.
>> But when script 2 attempts to access the contents of the Session array
>> created in script 1 it doesn't find it. What am I not doing?
>>
>> Forgot to mention that when I do header(...) to go to script 2 that I do
> append the session id to my url
> Same on the return from script 2 back to script 1.
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
I know i'm late to the party here but I had to do something similar
I used something similar to
http://www.nczonline.net/blog/2010/09/07/learning-from-xauth-cross-domain-localstorage/
ie storing the session state in html localstorage objects then using the
methods in that link to read them thru iframes on the other domain...
