I try to implement authorization between mob. and desktop versions of the site. Essence of the question:
there is a mob version at m.domain.com and there is also a desktop version of domain.com
I need to configure authorization. Honestly, I'm not quite experienced in this issue, so I want to ask for help to understand.
There is an auth.php file in which the session is created, or the user id is received for further work in the site. Here is the code:
session_set_cookie_params(0, '/', '.domain.com'); session_start(); if(isset($_SESSION["isauth"]) && $_SESSION["isauth"] == true) { $result = mysql_query("SELECT * FROM users WHERE id='$_SESSION[uid]'"); $user = mysql_fetch_array($result); } else $user = 0; As you have noticed at the top, I set up a session creation for .domain.com
Further, in the desktop version of the site there is a login.php file that checks the data and actually authorizes the user:
session_start(); $_SESSION["isauth"] = true; $result = mysql_query("SELECT id FROM users WHERE email='$email' AND password='$password'"); $uid = mysql_fetch_array($result); $_SESSION["uid"]=$uid[0]; After logging in, I can work with user data in the desktop version, and I can also work in the mobile version, since the session is visible for the domain and subdomain
The question is how to use the same login.php file but from the desktop version for the mobile ?.
It works out for me, a user visits m.domain.com, a session is automatically created in the auth.php file for the entire domain and subdomain, then there is a request to the login.php file by ajax, I have everything set up, i.e. crossdomain, etc., but for some reason in the file itself there is no entry in $ _SESSION [isauth]! since after authorization, neither in the desktop nor in the mobile version of the site $ _SESSION [isauth] is still empty.
