CodeIgniter Forums
Session valid for http://www.domain.com but not for http://domain.com - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forum-20.html)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forum-23.html)
+--- Thread: Session valid for http://www.domain.com but not for http://domain.com (/thread-22242.html)

Pages: 1 2


Session valid for http://www.domain.com but not for http://domain.com - El Forum - 09-02-2009

[eluser]codex[/eluser]
How can you set the session for both?


Session valid for http://www.domain.com but not for http://domain.com - El Forum - 09-02-2009

[eluser]pistolPete[/eluser]
Code:
/*
|--------------------------------------------------------------------------
| Cookie Related Variables
|--------------------------------------------------------------------------
|
| 'cookie_prefix' = Set a prefix if you need to avoid collisions
| 'cookie_domain' = Set to .your-domain.com for site-wide cookies
| 'cookie_path'   =  Typically will be a forward slash
|
*/
$config['cookie_domain']    = '.domain.com';



Session valid for http://www.domain.com but not for http://domain.com - El Forum - 09-02-2009

[eluser]brianw1975[/eluser]
you shouldn't need to.... have you looked at the cookies that are being set for each and see what the difference is? Web Developer add-on for Firefox makes this simple.

Edit: yeah, i should have also said: as long as your cookie config is set up correct.

I took for granted that it was set up "properly"


Session valid for http://www.domain.com but not for http://domain.com - El Forum - 09-02-2009

[eluser]codex[/eluser]
[quote author="pistolPete" date="1251921978"]
Code:
/*
|--------------------------------------------------------------------------
| Cookie Related Variables
|--------------------------------------------------------------------------
|
| 'cookie_prefix' = Set a prefix if you need to avoid collisions
| 'cookie_domain' = Set to .your-domain.com for site-wide cookies
| 'cookie_path'   =  Typically will be a forward slash
|
*/
$config['cookie_domain']    = '.domain.com';
[/quote]

Will look into that. Thanks!


Session valid for http://www.domain.com but not for http://domain.com - El Forum - 09-02-2009

[eluser]codex[/eluser]
[quote author="brianw1975" date="1251922145"]you shouldn't need to.... have you looked at the cookies that are being set for each and see what the difference is? Web Developer add-on for Firefox makes this simple.[/quote]

I see that there's ci_session cookies for both www.domain.com and domain.com. I guess I will have to take a closer look at how the cookies are being set.


Session valid for http://www.domain.com but not for http://domain.com - El Forum - 09-02-2009

[eluser]codex[/eluser]
I think I got it! Cookie was indeed not set up properly. Thanks!


Session valid for http://www.domain.com but not for http://domain.com - El Forum - 09-02-2009

[eluser]brianw1975[/eluser]
Keep in mind that you might not see raw data if you use the session helper, you'll probably see an encrypted string if you are using the encryption capabilities. In application/config/config.php

Code:
/*
|--------------------------------------------------------------------------
| Encryption Key
|--------------------------------------------------------------------------
|
| If you use the Encryption class or the Sessions class with encryption
| enabled you MUST set an encryption key.  See the user guide for info.
|
*/
$config['encryption_key'] = "some random string here";

[quote author="codex" date="1251922404"][quote author="brianw1975" date="1251922145"]you shouldn't need to.... have you looked at the cookies that are being set for each and see what the difference is? Web Developer add-on for Firefox makes this simple.[/quote]

I see that there's ci_session cookies for both www.domain.com and domain.com. I guess I will have to take a closer look at how the cookies are being set.[/quote]


Session valid for http://www.domain.com but not for http://domain.com - El Forum - 09-02-2009

[eluser]kurucu[/eluser]
[quote author="brianw1975" date="1251923044"]Keep in mind that you might not see raw data if you use the session helper, you'll probably see an encrypted string if you are using the encryption capabilities. In application/config/config.php

Code:
/*
|--------------------------------------------------------------------------
| Encryption Key
|--------------------------------------------------------------------------
|
| If you use the Encryption class or the Sessions class with encryption
| enabled you MUST set an encryption key.  See the user guide for info.
|
*/
$config['encryption_key'] = "some random string here";

[quote author="codex" date="1251922404"][quote author="brianw1975" date="1251922145"]you shouldn't need to.... have you looked at the cookies that are being set for each and see what the difference is? Web Developer add-on for Firefox makes this simple.[/quote]

I see that there's ci_session cookies for both www.domain.com and domain.com. I guess I will have to take a closer look at how the cookies are being set.[/quote][/quote]

Yes, but the browser will still make the domain viewable, as that is a cookie parameter, not cookie contents. The browser needs to know which domains the cookie is valid on so that it knows who to send them to - so this part is not encrypted by CI.

It is because the browser will not send a www.domain.com cookie to .domain.com requests that this problem occured, not because CI was not accepting the returned cookie value or browsed domain.


Session valid for http://www.domain.com but not for http://domain.com - El Forum - 09-02-2009

[eluser]brianw1975[/eluser]
mea culpa, I got a bit ahead of myself and was giving a bit of advice about trying to debug the contents of the cookie outside of doing any programming.


Session valid for http://www.domain.com but not for http://domain.com - El Forum - 09-02-2009

[eluser]kurucu[/eluser]
[quote author="brianw1975" date="1251925205"]mea culpa, I got a bit ahead of myself and was giving a bit of advice about trying to debug the contents of the cookie outside of doing any programming.[/quote]
Sorry! Wasn't supposed to be a correction, more of a "don't panic" to the author in case it looked like he couldn't debug. I was tired and at work -my wording was not as friendly as it might have been!