5

I'm working in a PHP project that uses subdomains, sessions and Ajax. But unfortunately I can't make it work! I'll try explain:

Let's assume that I'm at this domain: app.mysite.com/index.php

At this domain, I have a form that performs an Ajax request to mysite.com/functions/execute.php (without any subdomain)

In the first line of execute.php, I have a require_once that include a helper.php file. In this file I have put:

ini_set('session.cookie_domain',  '.mysite.com');
session_set_cookie_params(0, '/', '.mysite.com');
session_start();

All PHP files listed also include the helper.php.

If I for example run:

echo $_SESSION["myValue"];

At app.mysite.com/index.php or any other subdomain, like auth.mysite.com, I'll get the value: "test". But if I run the same code at execute.php, and return the value through Ajax I'll get undefined index!

What am I doing wrong?

jNewbie
  • 336
  • 1
  • 13
  • http://stackoverflow.com/questions/14611545/preserving-session-variables-across-different-domains – Bogdan Burym Sep 28 '16 at 03:37
  • These are possibly related. [1](http://stackoverflow.com/questions/9153716/sharing-session-variables-between-multiple-subdomains), [2](http://stackoverflow.com/questions/1064243/php-sessions-across-sub-domains), [3](http://stackoverflow.com/questions/644920/allow-php-sessions-to-carry-over-to-subdomains) Only "possibly" cause those are all 3+ year old questions so it's possible they don't work anymore. If you would, add your version of php to the question and, if one of these solves your problem, answer your own question or go leave a comment on those saying which solution is still good. –  Sep 28 '16 at 04:43
  • Thanks for the answers but, unfortunately I can't get the $_SESSION values using AJAX. If I open the URL requested on AJAX, at my Web Browser I can see the $_SESSION value. Only using AJAX that don't work! – jNewbie Sep 28 '16 at 23:06

3 Answers3

3

I already figure out how to make this work. Ajax Post method do not send credentials header by default, so we need to enable manually:

$.ajax({
    method   : "POST",
    url      : "https://example.com/functions/execute.php", 
    data     : myData,
    xhrFields: { 
        withCredentials: true
    }
}).done(function(result) {
    alert("success"));
});

And in execute.php you need to put:

ini_set('session.cookie_domain',  '.example.com');
session_set_cookie_params(0, '/', '.example.com');
session_start();
header('Access-Control-Allow-Credentials: true');

And if you request this from a subdomain, also need to put at example.php:

header('Access-Control-Allow-Origin: http://app.example.com');
jNewbie
  • 336
  • 1
  • 13
1

Please refer this link. I hope it's will help you.

Setting a cookie on a subdomain from an ajax request

I do not see SESSION vars when calling subdomain script with Jquery (ajax)

Thank You!

Community
  • 1
  • 1
Ragu Natarajan
  • 689
  • 3
  • 15
1

If your project is web based application you can easily set cookie/session in all domain with a simple trick. Am sure this works for cookies but never tried with sessions. Lets do what Google is doing. Create a PHP file that sets the cookie on all 3 domains. Then on the domain where the theme is going to set, create a HTML file that would load the PHP file that sets cookie on the other 2 domains. Example:

<html>
   <head></head>
   <body>
      <p>Please wait.....</p>
      <img src="http://domain2.com/setcookie.php?theme=whateveryourthemehere" />
      <img src="http://domain3.com/setcookie.php?theme=whateveryourthemehere" />
   </body>
</html>

Keep those img elements hidden so that it will not show any broken image in the front end if page is visible to user.Then add an onload callback on body tag. The document will only load when the images completely load that is when cookies are set on the other 2 domains. Onload Callback :

<head>
   <script>
   function loadComplete(){
      window.location="http://domain1.com";//URL of domain1
   }
   </script>
</head>
<body onload="loadComplete()">

We set the cookies on the other domains using a PHP file like this(setcookie.php ) :

<?php
if(isset($_GET['theme'])){
   setcookie("theme", $_GET['theme'], time()+3600);
}
?>

Now cookies are set on the three domains:) and with web application you know how retrieve cookie:)

Ofcourse you may need to tweek in this code as per your requirements. But this this will definitely give you an idea to proceed

Hope this helps

Prajwal
  • 201
  • 2
  • 9
  • Thanks for the answer but didn't help me. What I was trying to do is use the same session between subdomains and root domain using Ajax, but I already figure out how to do it! – jNewbie Sep 29 '16 at 02:21