Results 1 to 2 of 2

Thread: Multi-Login like Yahoo or Google

  1. #1
    Join Date
    Aug 2010
    Posts
    10
    Thanks
    4
    Thanked 0 Times in 0 Posts

    Default Multi-Login like Yahoo or Google

    Hey guys!
    I am looking for a way to authenticate 1 user on multiple sites by logging in on one, and just one, of these sites.
    So basically I need to create sessions for other domains than the one the form is located on.
    I heard that this could be done with curl, but I have no knowledge about it.
    Could you help me?

  2. #2
    Join Date
    Mar 2006
    Location
    Illinois, USA
    Posts
    12,164
    Thanks
    265
    Thanked 690 Times in 678 Posts

    Default

    There's a big difference between domains and subdomains. Subdomains can be forced to act like one site by setting cookies to *.domain.com rather than just domain.com. That way, it's all one site. You do this either when setting the cookie or in the case of a session id cookie, as a configuration command for PHP. If you need more info on that, ask.

    Setting it up like that for different domains is not possible.

    You can use curl to submit info to another site-- you could do it via post, for example-- but you could also accomplish the same thing by just using the same database for both sites.

    The problem is that you will not be able to share cookies between the sites, and all logins are built around cookies-- either entirely cookies or a session that is defined by a session id stored in a cookie.

    So it is not possible to automatically login between different domains like that.

    The only way that I can think of is to customize the sessions between the two domains so that you link the sessions to IP address. In other words, when they log in on one site, you use CURL or store a value in the database to tell the other site to recognize the user's IP address and automatically log them in. But for obvious reasons that is not only hard to do but also not necessarily secure: if someone has the same IP then they would be automatically logged in. Imagine an internet cafe or school where hundreds of computers may share/rotate IP addresses. The only way that wouldn't cause problems is if your site isn't very popular and by coincidence it doesn't have that problem-- but if it's big like google or yahoo it's definitely going to cause problems.
    Daniel - Freelance Web Design | <?php?> | <html>| espa˝ol | Deutsch | italiano | portuguŕs | catalÓ | un peu de franšais | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •