0

I have created a website. When a user is logged I store the user ID in the session.

oooooo.com would be the user website and oooooo.com/test the test website.

Whenever I login on oooooo.com, and then browse to oooooo.com/test, I am already logged-in the test website.

I have worked in PHP but no much idea about handling session.

After login:

$_SESSION['sc_user_id'] = encrypt($result[0]['_id']);

Check user is logged-in or not:

if(!isset($_SESSION['user_name']))
{
    header("Location: ".viewpath."/login.php");exit;
}
sodawillow
  • 12,497
  • 4
  • 34
  • 44
  • 3
    A folder is treated like any other page on the same domain. Easiest option would be to use a subdomain eg `test.oooooo.com` – Steve Dec 03 '15 at 10:52
  • @Steve thanks but there is a another option like use a session name or session id ? –  Dec 03 '15 at 10:54
  • http://stackoverflow.com/questions/5479626/same-domain-different-folder-php-session – Steve Dec 03 '15 at 10:57
  • Or prefix session keys, eg in main site `if(!isset($_SESSION['user_name']))` but in test use `if(!isset($_SESSION['test_user_name']))` – Steve Dec 03 '15 at 11:00
  • Aside: `encrypt($result[0]['_id'])`...!? – deceze Dec 03 '15 at 11:03

1 Answers1

0

use this on test ...just change variable name also in login function set $_SESSION['user_name_test']

if(!isset($_SESSION['user_name_test']))
 {
        header("Location: ".viewpath."/login.php");exit;
 }

on same domain you check session variable.when you login on main site user_name or what ever your variable is set.so when you trying to access test account check session variable set or not.....you use same variable name so it's showing yes it's.so on test account not redirect to login page.

Parth Chavda
  • 1,819
  • 1
  • 23
  • 30