PHP 读取另一个域上的 cookie
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/2919968/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
PHP read a cookie that is on another domain
提问by pnm123
I have two domains. One domain contains the login script. It creates a cookie when logged in. Another domain have a URL shortener.
我有两个域。一个域包含登录脚本。它在登录时创建一个 cookie。另一个域有一个 URL 缩短器。
So, on the 2nd domain that have the URL Shortener script have a file called session.php. Usually I was using $_COOKIE['sessionid']to get the session id and match it using database.
因此,在具有 URL Shortener 脚本的第二个域上有一个名为 session.php 的文件。通常我$_COOKIE['sessionid']用来获取会话 ID 并使用数据库匹配它。
How can I get the session id now? I have tried few ways but none of them have solve my problem.
我现在如何获取会话 ID?我尝试了几种方法,但没有一种方法可以解决我的问题。
回答by Andy E
For obvious security reasons, you can't read a cookie that belongs to another domain. You can do it across sub-domains though.
出于明显的安全原因,您无法读取属于另一个域的 cookie。不过,您可以跨子域执行此操作。
Why not append the session id to the forwarded URL?
为什么不将会话 ID 附加到转发的 URL?
回答by Flukey
Have you considered using a SSO implementation?
您是否考虑过使用 SSO 实现?
http://en.wikipedia.org/wiki/Single_sign-on
http://en.wikipedia.org/wiki/Single_sign-on
We use it at work, it's awesome! It means we don't have to worry about these types of problems.
我们在工作中使用它,太棒了!这意味着我们不必担心这些类型的问题。
回答by Felix Kling
Cookiesare sent by the browser and only to the domain, the cookies were set for.
Cookies是由浏览器发送的,并且只发送到域,cookies 是为它设置的。
There is not much (meaning nothing;) ) you can do.
你能做的并不多(意味着什么;))。
But if your domains are two different subdomains (e.g. login.yourdomain.comand shortener.yourdomain.com) you just have to set the domain name accordingly to make the cookie valid for all subdomains.
In this case, it would be .yourdomain.com.
但是,如果您的域是两个不同的子域(例如login.yourdomain.com和shortener.yourdomain.com),您只需相应地设置域名以使 cookie 对所有子域都有效。
在这种情况下,它将是.yourdomain.com。
You might want to read the documentation of setcookie().
您可能想阅读setcookie().
Maybe it is better if you clearly describe what you want to accomplish. Probably there is another solution that does not involve cookies.
如果你清楚地描述你想要完成的事情,也许会更好。可能还有另一种不涉及 cookie 的解决方案。
回答by Ashutosh Kumar
Just while setting cookie from the login page set the cookie to entire domain like this
就在从登录页面设置 cookie 时,像这样将 cookie 设置为整个域
setcookie("c","value",time()*3600*24,"/");
in this way you can set cookie to your entire domain.
通过这种方式,您可以将 cookie 设置为您的整个域。
回答by Your Common Sense
You can't read a cookie from the other domain.
though there are several ways to pass a session id. You can search SO for the cross-domain authorization
您无法从其他域读取 cookie。
尽管有多种方法可以传递会话 ID。您可以搜索 SOcross-domain authorization
The easiest way is to pass a session id via query string
最简单的方法是通过查询字符串传递会话 ID
回答by halfdan
You can't. Cookies are bound to a single domain. You can use cookies across multiple subdomains though.
你不能。Cookie 绑定到单个域。不过,您可以跨多个子域使用 cookie。
