Edit report at http://bugs.php.net/bug.php?id=43682&edit=1
ID: 43682
Comment by: serhio_forever at yahoo dot com
Reported by: k dot andris at gmail dot com
Summary: domain/subdomain problems with session cookies
Status: Closed
Type: Bug
Package: Session related
Operating System: Debian Sarge
PHP Version: 5.2.4
New Comment:
To "k dot andris at gmail dot com"
You're right. Had exactly the same problem.
Solution. Just add these 2 lines in your php.ini file:
suhosin.session.cryptdocroot=Off
suhosin.cookie.cryptdocroot=Off
or, if you don't have access to it, these 2 in some of your general
config.php file:
ini_set("suhosin.session.cryptdocroot", "Off");
ini_set("suhosin.cookie.cryptdocroot", "Off");
Previous Comments:
------------------------------------------------------------------------
[2008-04-13 22:50:50] k dot andris at gmail dot com
Actually Suhosin's suhosin.session.cryptdocroot option was the problem.
If the session encryption key is based on the DocRoot it causes the
problem described here (if the base domain and the subdomains are served
from different directories).
------------------------------------------------------------------------
[2008-02-21 01:00:00] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
------------------------------------------------------------------------
[2008-02-13 18:39:55] j...@php.net
I don't see how this is PHP bug at all. More like lighttpd bug if a bug
at all. Check these: What host PHP script gets from ligttpd
($_SERVER['SERVER_NAME'] and what is tried to be set for the cookie.
------------------------------------------------------------------------
[2008-02-10 18:29:19] k dot andris at gmail dot com
I found it! The problem only occours if you serve the base domain and
the subdomains from different sections of lighttpd config file, like
this:
$HTTP["host"] =~ "^mysite\.com" {
server.document-root = "/var/www/mysite/"
}
$HTTP["host"] =~ "(.+)\.mysite\.com$" {
server.document-root = "/var/www/mysubdomains/"
}
------------------------------------------------------------------------
[2008-02-10 18:17:20] k dot andris at gmail dot com
It seems to work on another server. I'll try to find out what was wrong
with the first one. Sorry..
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/bug.php?id=43682
--
Edit this bug report at http://bugs.php.net/bug.php?id=43682&edit=1
