how to exclude one subdomain from subdomains that share SESSION variable

Question

I had a cookie-free subdomain (static) until I used this code to make my session variable visible in all sub-domains:

session_set_cookie_params(0,'/','.example.com');

apparently, By doing so, I have lost cookie-free characteristic of the "static" subdomain.

How could I have one session variable visible in all subdomains except the static one? thank you for helping

Answer 1

I was having similar problem as you, and I think my solution will help you for your cookie-less static domain. I've described my issue and subsequent solution below so hopefully you can use it to solve your issue.

I wanted to share the session on 2 subdomains:

• www.example.com
• shop.example.com

But exclude that session, and use its own session on

• admin.example.com

To set the session to be used across the two domains, as you described you will have to set the cookie params:

session_set_cookie_params(0,'/','.example.com');

However, this will conflict with the cookie for the admin.example.com session.

The solution is to set the session name in the admin site so it differs to the session name in the other sites. For example:

session_name("AdminPHPSESSID");

See http://www.php.net/session_name for more info.

Answer 2

can you please set in php.ini file

The domain for which the cookie is valid.

session.cookie_domain = "domain"

OR

ini_set('session.cookie_domain', '.example.com');