login session php

php session problem

Page 1 of 1

3 Replies - 5269 Views - Last Post: 31 October 2010 - 11:48 AM Rate Topic: -----

#1 sidhu_sree  Icon User is offline

  • New D.I.C Head

Reputation: -1
  • View blog
  • Posts: 37
  • Joined: 08-October 09

login session php

Posted 31 October 2010 - 09:06 AM

hi
i am using php session
after logging in am redirecting it to admin page
and am using same code for different site also
but actual problem is when i loged in one of these 2 site i can visit both sites admin page

example:-

http://example.com/login.php
after logging in am getting this page
http://example.com/admin.php

and now when i type url in address bar

http://exampledifferent.com/admin.php
with out logging in to it i can access this page from same browser

i mean same session is considered for all
how to solve this problem

Is This A Good Question/Topic? 0
  • +

Replies To: login session php

#2 Atli  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 3730
  • View blog
  • Posts: 6,017
  • Joined: 08-June 10

Re: login session php

Posted 31 October 2010 - 09:33 AM

Hey.

That's odd. A PHP session is usually stored in a session cookie tied to a specific domain. It shouldn't be shared across two completely different domains. - It might be shared across sub-domains (sub1.example.com and sub2.example.com) but that's about it.

We would need to know more to figure this out. Could you show us the code?
Also, could you check out the details on the session cookie? (You can do that using, for example, Firefox with the Web Developer addon.)
Was This Post Helpful? 0
  • +
  • -

#3 sidhu_sree  Icon User is offline

  • New D.I.C Head

Reputation: -1
  • View blog
  • Posts: 37
  • Joined: 08-October 09

Re: login session php

Posted 31 October 2010 - 11:16 AM

View PostAtli, on 31 October 2010 - 08:33 AM, said:

Hey.

That's odd. A PHP session is usually stored in a session cookie tied to a specific domain. It shouldn't be shared across two completely different domains. - It might be shared across sub-domains (sub1.example.com and sub2.example.com) but that's about it.

We would need to know more to figure this out. Could you show us the code?
Also, could you check out the details on the session cookie? (You can do that using, for example, Firefox with the Web Developer addon.)

ya your right i check it in local host on xamp server but it works fine with http:// but i found it with localhost
Was This Post Helpful? 0
  • +
  • -

#4 CTphpnwb  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 3105
  • View blog
  • Posts: 10,905
  • Joined: 08-August 08

Re: login session php

Posted 31 October 2010 - 11:48 AM

On localhost, you're accessing the same server for both sites so your session id is the same. Since you're using the same php code, you're storing/retrieving the same session variables for both "sites" so it's to be expected that logging into one would make you appear to the other to be logged in as well.
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1