Click here to Skip to main content
15,793,535 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
I heard the best method to share session across multiple domains on same server is to use custom php session handler. (ie, domain name different like, but single application.)

But after i tried it, even custom php session handler that using SAME DATABASE ON 1 SERVER can't share session, when i tried to read cookie value from different domain. (it works ok on same domain)

Here's my custom session handler, Please kindly check or fix if something missing here. because i've tried it for a week now. can't get it to work

// config 
$m_host = "localhost"; //MySQL Host 
$m_user = "db_user"; //MySQL User 
$m_pass = "db_pass"; //MySQL Pass 
$m_db   = "db_name"; //MySQL Database
$table  = "sess_data";
$session_expire = 600; // Session expire time, in seconds (minutes * 60 = seconds) 
$gc_probability = 100; // Probability that the garbage collection function will be called. 50% chance by default 
/* Open function; Opens/starts session 
   Opens a connection to the database and stays open until specifically closed 
   This function is called first and with each page load */ 
function open ($s,$n) // do not modify function parameters 
  global $session_connection, $m_host, $m_user, $m_pass, $m_db; 
  $session_connection = mysql_pconnect($m_host,$m_user,$m_pass); 
  return true; 
/* Read function; downloads data from repository to current session 
   Queries the mysql database, unencrypts data, and returns it. 
   This function is called after 'open' with each page load. */ 
function read ($id) // do not modify function parameters 
  global $session_connection,$session_read,$table; 
  $query = "SELECT data FROM `$table` WHERE id=\"{$id}\""; 
  $res = mysql_query($query,$session_connection); 
  if(mysql_num_rows($res) != 1) return ""; // must return string, not 'false' 
    $session_read = mysql_fetch_assoc($res); 
    $session_read["data"] = base64_decode($session_read["data"]); 
    return $session_read["data"]; 
function write ($id,$data) // do not modify function parameters 
  if(!$data) { return false; } 
  global $session_connection, $session_read, $session_expire, $table; 
  $expire = time() + $session_expire; 
  $data = mysql_real_escape_string(base64_encode($data)); 
  if($session_read) $query = "UPDATE `$table` SET data=\"{$data}\", expire=\"{$expire}\" WHERE id=\"{$id}\""; 
  else $query = "INSERT INTO sess_data SET id=\"{$id}\", data=\"{$data}\", expire=\"{$expire}\""; 
  return true; 
function close () 
  global $session_connection; 
  return true; 
function destroy ($id) // do not modify function parameters 
  global $session_connection,$table; 
  $query = "DELETE FROM `$table` WHERE id=\"{$id}\""; 
  return true; 
function gc ($expire) 
  global $session_connection,$table; 
  $query = "DELETE FROM `$table` WHERE expire < ".time(); 
// Set custom handlers 
session_set_save_handler ("open", "close", "read", "write", "destroy", "gc"); 
// Start session 

// MySQL Database Table
create table sess_data (
id2 int not null auto_increment,
id text not null,
data text,
expire int not null,
primary key(id2)

1 solution

If you're trying to use a cookie to store the id value of the session data that will not work at all as browsers do not allow a domain to read a cookie that was created by a different domain.

What you would need to do is when the redirect occurs to a different domain place the id value in the querystring this way the second domain will be able to know the id value for the session data and be able to access it in the database.
Share this answer

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900