Jump to content

Obsolete:Multi domain cookies

From Wikitech
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
Note: This page was created as a temporary pastebin and probably doesn't make any sense without its proper context

sendsessionid.php

<?php
require_once("cookie.php");

$next = false;

$idx = isset($_GET['idx'])?(int)$_GET['idx']:0;

$d = $domains[$idx];
if ($_GET['key'] == $signedsessionkey) {
    session_id($_GET['sessionid']);
    error_log("starting session in $d");
    session_start();
} else {
    error_log("NOT starting session in $d");
}
if (!isset($domains[$idx+1])) {
    error_log("all done");
    header('Location: '.$_GET['orig']);
} else {
    header('Location: http://'.$domains[$idx+1].'/sendsessionid.php?orig='.urlencode($_GET['orig']).'&sessionid='.urlencode($_GET['sessionid']).'&key='.urlencode($_GET['key'])."&idx=".($idx+1));
}

exit;
?>

cookie.php

<?
$secretkey = "blah blah";

$domains = array("neocrat.com","nonstatic.com");
sort($domains);

$signedsessionkey = !isset($_GET['sessionid'])?"":md5($_GET['sessionid'].$secretkey);
?>

setcookies.php

<?
require_once("cookie.php");

session_start();
header("Location: http://".$domains[0]."/sendsessionid.php?orig=".urlencode($_SERVER['SERVER_NAME'])."&sessionid=".session_id()."&key=".md5(session_id().$secretkey));
exit;

?>
Retrieved from "https://wikitech.wikimedia.org/w/index.php?title=Obsolete:Multi_domain_cookies&oldid=1766544"