CMS Made Simple Forums

Hello, I was not to sure where to put this as I could think of 3 places, but this is what I need some help with. I need to set the cookie session when logged in on the front via FEU to be .domain.tld not www.domain.tld so I can use subdomains.  It's in the core I know that but how to change it is the issue...

Here is the test site,

http://forum.corbensproducts.com/

if you wish the test user is

username:********
pass:******

***Ask me for them if you want to test this out to see what I'm talking about***

I will leave this user up for a while till I have this solved, but I will be watching so no funning business. ... for clarification, in the config this is set

$config['root_url'] = 'http://' . $_SERVER['HTTP_HOST'];

which at first will set www as the subdomain, but do to the fact that the core has the session tie to tight to this, no matter what subdomain I give CMSMS I get subdomain.domain.tld  so... how to fix this???  I'm open to any ideas... thank you for any help..

cheers
jeremyBass

____________________
set up on the test site is fully update on everything... CMSMS 1.5.3 etc...
__________________________

A side note: may-be the one who has controll of the google ad could filter out the Drupal ads... I have seen those up alot lately... just a thought   and I like that fact that I can't up the view number now when I check my post... kodos there...

JeremyBASS wrote: Hello, I was not to sure where to put this as I could think of 3 places, but this is what I need some help with. I need to set the cookie session when logged in on the front via FEU to be .domain.tld not www.domain.tld so I can use subdomains.  It's in the core I know that but how to change it is the issue...

This is not an issue of CMSMS (bad things if you have many sites in your domain and one is hija, cookie must be ALWAYS host.domain.tld[/subdir])

However, for FEU, setcookie function is in module and not in core (in general here is for admin part); search for setcookie in modules/FrontEndUsers/FrontEndUsers.*

Edit: copy/paste missing (in red). Cookie must be for host and subdir (subset in a address for which the cookie is valid)

Alby

Hello, Alby,
>>>bad things if you have many sites in your domain and one is hija,

I'm not worried about getting the tld sites to work, just the subdomians.  After long, long talks with people everywhere I was told/ have read that subdomains are the only accepted way to pass a cookies safely as servers where not  designed to do so on a tld, but are on a subdomain.  Which is why you are suppose to set your cookies to .domain.tld

>>>However, for FEU, setcookie function is in module and not in core

Yes this is true... I see that now lol... thank you...  hopefully I can get this going... thank you

Cheers
jeremyBass

JeremyBASS wrote: Hello, Alby,
>>>bad things if you have many sites in your domain and one is hija,

Sorry, I have correct the missing copy/paste

Alby

See  I think I'm with in those rules... I'm using the .htaccess for subdomains, and treating the top level pages of CMSMS as "folders" and the "index" at the same time.  Meaning I have a page with the alias as "forum" so normally it would look like this...

http://www.corbensproducts.com/forum

but I have it set so that subdomain folder is the forum page giving me

http://forum.corbensproducts.com/

to which  I thought that fell in the area of server design on handling cookies...?? Man I'll tell you it's one murky area...  Thank you for the help....

Cheers
jeremyBass

I don't think I understand what is keeping the user signed in... is it these cookie sessions

"CMSSESSID7f4680cc"

or

the feu_uid
and
feu_sessionid

as feu_sessionid looks to have the same value as  "CMSSESSID7f4680cc"....

"CMSSESSID7f4680cc" is what I tracked down in the core, which was why I thought it was in the core before.  That would lead me to believe that the feu_uid and feu_sessionid are for "Use cookies to keep logins alive:", "Use cookies to remember login details:"

*******edit*********
it is true, I just tested... so it comes down to  "CMSSESSID7f4680cc"....  which I think is in the core... I forget where... um.. fun fun...
*****************

thank you again for any and all of the help...

Cheers
jeremyBass

I don't know if this will help... but here is a lengthy discussion on the subject I have had.

http://www.experts-exchange.com/Web_Dev ... 23292.html

So with the help of many in the irc... I got it...

in includes.php

@line 39

I added

@ini_set('session.cookie_domain', '.corbensproducts.com');

Now I need to generalize that but it works... I can move around the site safely and not worried about needing to re-log in on every subdomain....

I know this is an edit to the file, but I didn't see another way... if you have an idea I'm open... thank again for the help...

cheers
jeremyBass