Answer the question
In order to leave comments, you need to log in
PHP. Sessions in the database. Cross-domain authorization. Is there something I don't understand about this life?
Sessions are stored in the database. Authorization is common for 2 sites (2 domains, sites lie side by side on the same server). When a user logs in to one site, a redirect occurs to the second one, where session_name() is set to the same value as on the first site (in cookies). The table with session data is common for 2 sites.
Everything worked fine on the old hosting, but not on the new one.
Description of the problem -
I logged in from one site. I go to the second one, data is retrieved from the database (the read function), everything is fine here. But - right after session_start(), I do print_r($_SESSION) and see an empty array. Those. gave the line, received - ... received nothing. This only happens with data recorded on one site that I'm trying to read on another.
What I found - the data on the old hosting was written in the form of a serialized array. Here it is 'rJFJvf6LVaiQoSWdAHmIFSu5Zfx-393AnbN81sd2B5jmEeWlhKYJB_E9Lv93BjVw'. Maybe that's the issue.
session.serialize_handler = php on both
php hostings - 5.2.4(old) / 5.2.14(new)
all php settings of the session block are the same.
Thank you!
Answer the question
In order to leave comments, you need to log in
Option 1 - evil and terrible "Suhosin" - session data encoder.
And kindly show the settings for read-write-start sessions
rJFJvf6LVaiQoSWdAHmIFSu5Zfx-393AnbN81sd2B5jmEeWlhKYJB_E9Lv93BjVw is more like a key than data and length = 64
It looks like php is built with a security enhancement module like Suhosin that encrypts session data. And the encryption key depends on the domain. Try disabling all unnecessary modules.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question