'Setting two different sessions on same domain for two different folders in PHP
I have an application that has user management using sessions.Under the root folder of the application I have an admin panel which I need to have different session as otherwise it conflicts with the root session.
-root
-admin/adminFiles
-rootFiles
I went through this thread and also the docs and tried the below code in my admin folder
if(HTTP_SERVER != 'http://localhost'){
session_save_path("/tmp");
}
session_name('session_for_admin');
ini_set('session.cookie_path','/session_for_admin');
session_set_cookie_params(60*60*24*5,'session_for_admin');
session_start();
This just does not start the session.No error in the logs too. What am I doing wrong here.
I want to do it this way because the admin folder is just going to be accessed by a few privileged users and not very frequently. I am aware that session_name() adds and overhead.But would like to get through it this way.
Solution 1:[1]
so in regard to what you say about having an admin flag in your database:
let's say that $admin contains a boolean: true if your database confirmed the user as an admin, false if it's not
this will activate the session with name based on the result of this boolean:
if ($admin)
{session_name('session_for_admin');}
else
{session_name('session_for_others');}
session_start();
this will start and manage two different sessions, in the same way that two different users will have their own session.
admittedly from there you may want to do other things such as changing the working directory, or include different files.
Which you could also do by just setting a variable in your session when the user is logged in as admin:
$_SESSION['admin'] = true;
from then on, you can check and use some files or other like this:
if ($_SESSION['admin'])
{// use files in admin folder
}
else
{// use files in root folder
}
Solution 2:[2]
Try using session_name before you start the session For example, in the first domain, use
session_name("AdminPanel");
session_start();
In the second domain, use
session_name("WebsiteID");
session_start();
For more visit session name
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Félix Adriyel Gagnon-Grenier |
| Solution 2 | Ehab Aboassy |