Bug #14532
closed
scope of BE- and FE-Cookie: can't cope with multidomain-setup
0%
Description
<cite martin kutschker>
I posted this long ago I think, but as a customer just upgraded to 3.7 I've had to make the same old hack again. I had to hack t3lib_userauth (or in fact the XCLASS version of cc_sv_auth) to set a proper domain with the cookie.
I'd like to have a SYS[cookieDomain] setting in localconf.php that if set, will be used to set the cookie correctly. Otherwise you cannot share sessions across subdomains.
</cite martin kutschker>
don't know if that affects FE as well
<solution>
<cite martin kutschker>
Local hack:
In t3lib_userauth find the two occurences of SetCookie(). Now add your domain as ".MYDOMAIN.TLD" as last parameter (after '/').
Better approach:
Like above but with an if-clause.
if ($TYPO3_CONF_VARS['SYS']['domainCookie'])
SetCookie($this->name, $id, 0,'/',
$TYPO3_CONF_VARS['SYS']['domainCookie'])
else
SetCookie($this->name, $id, 0, '/')
But that is assuming one domain for the whole installation. In case you have multiple domains with different subdmonains it won't work. eg
</cite martin kutschker>
</solution>
(issue imported from #M752)
Files
Updated by 
Updated by