Issue with sharing session across subdomains in Yii

Hi I am facing a weird problem. Not sure exactly if it a problem or desired behavior.

I have a website built with Yii 1 framework. Now we needed to support subdomains on website. I added wildcard SSL to website and added entry in routes.php to map user subdomain route to site route.

Since to share session across subdomains Yii recommends to add following configuration to main.php

'session' => array(

            'timeout' => 86400,

            'class' => 'CDbHttpSession',

            'connectionID' => 'db',

            'sessionTableName' => 'YiiSession',

            'cookieParams' => array(

                'domain' => '.domain,com'



I did that and started testing my website on production server. Like https,//www,domain,com, https//user1,domain,com etc

Suddenly I noticed that I was unable to add anything to basket/cart. User clicks on ‘Add to Basket’ on product page but basket went empty. I tried so many things what is causing this problem but with no luck. In the end I gathered that my dev site is on the URL https///www,domain,com/dev which is entirely separate website and whenever I login to that site and then go to production site https///www,domain,com I start to face this empty basket issue.

The problem goes away when clear browser history and reopen the browser and run only https///www,domain,com and empty basket issue does not occur. But as I open my dev site (https///www,domain,com/dev) and play with basket it does not allow me to enter anything to basket.

Same is true if I clear the browser history, open dev site first and play with basket, it works fine. Now If I open production site it cannot have items to basket.

So with all that I feel (I am not sure, that’s why asking) that this problem is caused by sharing of session cookie between production site (https///www,domain,com) and dev site (https///www,domain,com/dev)

I want to know is this really causing the problem or there might be some other bug?

I see other posts on forum indicating that CWebUser class might have problem with access session variables like


But I never had this issue of unable to adding any items to basket in 2 years with website until I implemented this subdomain feature.

P.S: My basket code uses custom session variables that I set using Yii::app()->user->setState(‘basket’,$basket) when user adds item to basket.

Your insight will be very helpful. For 3 days I have been facing this issue, I have been totally stumped until I reached this point.

Note: Since I am new to forum it is not allowed to post links. So URLs I posted are not valid (replaced . with , and : with /)

Thank you for your help

been a while since I have touched yii 1 but user component has a property which you can set to prefix session data for modules/apps

'components' => [

    'user' => [

         // enable cookie-based authentication


        'stateKeyPrefix' => '__foo_bar'