Please help how to implement sessions/cookies accross subdomains with apps not develop using Yii

Hi everyone. I’d like to ask how to implement sessions accross subdomains with another web apps, but that another webapss is not developed using Yii. Can I do this ? Please advice :) Many thanks

Notes : This is what i get from searching through out this forum, but what I get from this wiki is that the two sharing apss must be developed using yii

Yii app:

  1. Follow instructions into mentioned manual to define correct options on Yii app.

  2. Add state prefix for user session into main.php:

... components ...

'user' => array(


   'stateKeyPrefix' => 'projectID',



3rd app:

  1. Specify identical to Yii app cookie params for session:

// it should be placed BEFORE session_start()

$currentCookieParams = session_get_cookie_params(); 





    $currentCookieParams["secure"], // change if needed

    $currentCookieParams["httponly"]  // change if needed


  1. After session start and you’ve login to Yii app, you will see something like:



   'projectID__id' => 100, // WebUser::id

   'projectID__username' => '', // WebUser::username

   ['projectID__<customField>' => '<customFieldValue>', // WebUser::<customField>]

   // other data pushed to session 


Hope it would help you with apps integration.

Hi. Thanks for the answer. Im so sorry for my late reply, i’ve been away for a few days.

Can you please elaborate what do you mean by "1. Follow instructions into mentioned manual to define correct options on Yii app " ? I still don’t get it yet. Thanks

I mean put to config following lines:

// main.php


'components' => array(


   'session' => array(

        'cookieParams' => array(

            'path' => '/',

            'domain' => '', // to keep session id visible into subdomains

            'httpOnly' => true, // change if needed

            'secure' => false, // change if needed





Again, im so sorry for my late reply. Yes, thanks for the sollution. It works well now :)


am trying to delete the browser cookie PHPSESSID on logout using the following code



but the cookie stays there even after this, is there any other way to clear these cookies?

please see the attached screenshot of firebug even after logging out.



sorry missed the attachment