i would use sessions in multiple hosts of my domain. say my domain is example.com, i'd use sessions in several hosts such as: www1.example.com www2.example.com www3.example.com
this could be easily configured in php.ini by putting: session.cookie_domain = example.com but how can i do if i would EXCLUDE some hosts of my domain? someting like giving the exact list of hosts the cookie should be sent by user clients to the server: session.cookie_domain = www1.exclude.com,www2.example.com,www3.example.com (i tried, but it doesn't works!) such thing is useful when you have some hosts in which you're sure you manage them, while some others you're not so sure. for istance, someone on an hosted site of the same domain could catch all sessions clients sent to his site and re-use those sessions faking someone other authentication... some hints? tell me if it's not clear... bye, stain. -- "If there is any, error is human" -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
