PHP session login different for url with www and without www?

Question

I am debugging on session login, when i am login to www.domainname.com the session will be only set for with www.

When i am going to url domain.com, session login is ignored, and i will be prompted to login form again.

I have set session cookie_domain also, but not working.

Any one can help me? why?

You must've set the cookie domain wrong. This is the default behavior of cookies, they are only accessible on the same fully qualified domain they were set on. — Dan Grossman, Jan 27 '11 at 05:47

score 1 · Answer 1 · answered Aug 29 '12 at 17:38

I know this question is as old as "Who came first? The egg or the chicken?"

I had a lot of trouble about this issue. But... if you're using php I've found a solution:

In your login script insert in the first line

<?php
session_set_cookie_params(0, '/', 'www.yourdomain.com');
session_start()
?>

or you can try yoursubdomain.yourdomain.com instead www.yourdomain.com.

It works for me. Hope it help other users too.

score 0 · Answer 2 · answered Feb 26 '14 at 20:23

Have you tried setting the session domain to ".example.com"?:

$lifetime = 0;
$path = '/';
$domain = '.yourdomain.com';
session_set_cookie_params($lifetime, $path, $domain);

Note the dot in the beginning of the $domain string variable.

Check the reference of the function here.

score 0 · Answer 3 · answered Jan 27 '11 at 05:51

I highly recommend redirecting users to the canonical version of the site (probably the www.example.com domain). Look around, you'll notice that most sites do exactly this for consistency (including SO; see what happens when you go to www.stackoverflow.com).

PHP session login different for url with www and without www?

3 Answers3

Linked