Please help how to implement sessions/cookies accross subdomains with apps not develop using Yii

Yii 1.1 General Discussion
1

Hi everyone. I’d like to ask how to implement sessions accross subdomains with another web apps, but that another webapss is not developed using Yii. Can I do this ? Please advice :) Many thanks

Notes : This is what i get from searching through out this forum, but what I get from this wiki is that the two sharing apss must be developed using yii

2

Yii app:

  1. Follow instructions into mentioned manual to define correct options on Yii app.

  2. Add state prefix for user session into main.php:




... components ...

'user' => array(

   ....

   'stateKeyPrefix' => 'projectID',

)

....

3rd app:

  1. Specify identical to Yii app cookie params for session:



// it should be placed BEFORE session_start()


$currentCookieParams = session_get_cookie_params(); 


session_set_cookie_params( 

    $currentCookieParams["lifetime"], 

    '/', 

    '.yourdomain.com', 

    $currentCookieParams["secure"], // change if needed

    $currentCookieParams["httponly"]  // change if needed

);
  1. After session start and you’ve login to Yii app, you will see something like:



// $_SESSION


array(

   'projectID__id' => 100, // WebUser::id

   'projectID__username' => 'admin@mail.com', // WebUser::username

   ['projectID__<customField>' => '<customFieldValue>', // WebUser::<customField>]

   // other data pushed to session 

)

Hope it would help you with apps integration.

3

Hi. Thanks for the answer. Im so sorry for my late reply, i’ve been away for a few days.

Can you please elaborate what do you mean by "1. Follow instructions into mentioned manual to define correct options on Yii app " ? I still don’t get it yet. Thanks

4

I mean put to config following lines:




// main.php

...

'components' => array(

   ...

   'session' => array(

        'cookieParams' => array(

            'path' => '/',

            'domain' => '.yourdomain.com', // to keep session id visible into subdomains

            'httpOnly' => true, // change if needed

            'secure' => false, // change if needed

        ),

    ),

    ...

)
5

Again, im so sorry for my late reply. Yes, thanks for the sollution. It works well now :)

6

hi

am trying to delete the browser cookie PHPSESSID on logout using the following code

unset(Yii::app()->request->cookies[‘PHPSESSID’]);

Yii::app()->request->cookies->clear();

but the cookie stays there even after this, is there any other way to clear these cookies?

please see the attached screenshot of firebug even after logging out.

regards

charles

7

sorry missed the attachment