#117917 by chx, greg, webchick et al: fix problems with the automatic domain extraction -- prevents users from logging in. Backport from HEAD.

2007-02-14 04:11:24 +00:00 · 2007-02-14 04:11:24 +00:00 · 7adde9f636
parent 4a247fca04
commit 7adde9f636
1 changed files with 12 additions and 2 deletions
--- a/sites/default/settings.php
+++ b/sites/default/settings.php
@ -137,8 +137,7 @@ ini_set('session.use_trans_sid',    0);
 ini_set('url_rewriter.tags',        '');

 /**
- * We try to set the correct cookie domain. If you are experiencing problems
- * try commenting out the code below or specifying the cookie domain by hand.
+ * We try to set the correct cookie domain.
 */
 if (isset($_SERVER['HTTP_HOST'])) {
  $domain = '.'. preg_replace('`^www.`', '', $_SERVER['HTTP_HOST']);
@ -149,6 +148,17 @@ if (isset($_SERVER['HTTP_HOST'])) {
  }
 }

+/**
+ * On some sites, multiple domains or subdomains may point to the same site.
+ * For instance, example.com may redirect to foo.example.com. In that case,
+ * the browser may confuse the cookies between the two domains, resulting in
+ * an inability to log in. In that case, uncomment the line below and set
+ * it to the more generic domain name. For instance, .example.com is more
+ * generic than .foo.example.com. Remember the leading period on the domain
+ * name, even if you wouldn't type it in your browser.
+ */
+#ini_set('session.cookie_domain', '.example.com');
+
 /**
 * Variable overrides:
 *