Last active
July 27, 2022 11:15
-
-
Save feulf/4587709 to your computer and use it in GitHub Desktop.
Revisions
-
feulf revised this gist
Jan 21, 2013 . 1 changed file with 3 additions and 3 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -3,11 +3,10 @@ a simple idea is to force the session_id between the domains with an ajax call o The concept is simple, you have [A,B,C] domains, where you create a script *sid.php*: ``` php <?php session_id( $_GET['sid'] ); ``` and a script *sid_update.php* that you have to place inside the PHP code of the front controller: ``` php <?php @@ -31,6 +30,7 @@ and a script *sid_update.php* that you have to place inside the PHP code of the } $_SESSION['sid_updated'] = true; } ``` An AJAX call it could be better then the iframe, up to you to implement a better solution. -
Jan 21, 2013 . 1 changed file with 2 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -3,7 +3,8 @@ a simple idea is to force the session_id between the domains with an ajax call o The concept is simple, you have [A,B,C] domains, where you create a script *sid.php*: ``` php <?php session_id( $_GET['sid'] ); and a script *sid_update.php* that you have to place inside the PHP code of the front controller: -
Jan 21, 2013 . 1 changed file with 3 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,10 +1,12 @@ a simple idea is to force the session_id between the domains with an ajax call or an hidden iframe. The concept is simple, you have [A,B,C] domains, where you create a script *sid.php*: ``` php <?php session_id( $_GET['sid'] ); and a script *sid_update.php* that you have to place inside the PHP code of the front controller: ``` php <?php -
Jan 21, 2013 . 1 changed file with 2 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,13 +1,13 @@ a simple idea is to force the session_id between the domains with an ajax call or an hidden iframe. The concept is simple, you have [A,B,C] domains, where you create a script *sid.php*: ``` php <?php session_id( $_GET['sid'] ); and a script *sid_update.php* that you have to place inside the PHP code of the front controller: ``` php <?php // start the session session_start(); // get the session id -
Jan 21, 2013 . 1 changed file with 8 additions and 7 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,12 +1,10 @@ a simple idea is to force the session_id between the domains with an ajax call or an hidden iframe. The concept is simple, you have [A,B,C] domains, where you create a script *sid.php*: ``` php <?php session_id( $_GET['sid'] ); and a script *sid_update.php* that you have to place inside the PHP code of the front controller: ``` php <?php @@ -31,4 +29,7 @@ The concept is simple: $_SESSION['sid_updated'] = true; } An AJAX call it could be better then the iframe, up to you to implement a better solution. ### Note This solution is not safe! If you have a good solution to improve the security of it, please update this GIST. -
Jan 21, 2013 . 1 changed file with 0 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -31,6 +31,4 @@ The concept is simple: $_SESSION['sid_updated'] = true; } A good alternative is to use AJAX instead of the iframe, up to you to find out a better solution to implement this idea. -
Jan 21, 2013 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,36 @@ a simple idea is to force the session_id between the domains with an ajax call or an hidden iframe. The concept is simple: - you have [A,B,C] domains - create a script sid.php in all of them, to force the SID <?php session_id( $_GET['sid'] ); - create a script to update the sid in the other domains, and place it in your common PHP code: ``` php <?php // start the session session_start(); // get the session id $sid = session_id(); // url of all domains $domains = ['A','B','C']; // this domain, you may want to set this manually $url = $_SERVER['SERVER_NAME']; // execute this script only once if( isset($_SESSION['sid_updated']) && true === $_SESSION['sid_updated'] ){ foreach( $domains as $domain ){ // update all domains except the one we are now if( $domain != $url ){ // print an hidden iframe echo "<iframe src=\"{$domain}?sid={$sid}\" style="position:absolute;top:-1000;"></script>"; } } $_SESSION['sid_updated'] = true; } ``` A good alternative is to use AJAX instead of the iframe, up to you to find out a better solution to implement this idea.