arjunroy arjunroy - 13 days ago 4
MySQL Question

how to make a php web application where user visit through pre register subdomainp

i have make a web application where only pre register user can login and use user dashboard and logout.
for example this application run on php-mysql(cpanel)
"www.example.com/system/index.php"
But i want
if their is two pre register user like 1. user1(subdomain : sys1.user1.com) 2. user2(subdomain : sys2.user2.com) pre register user with their pre register subdomain and this subdomain point to "www.example.com/system/index.php".
for both two user have different option in their dashboard some different page and also some similar option similar design same login logout page. user1 cannot access any things of user2 vice versa. under user1 and user2 their are also subuser a/c with some less option that upper user.

Answer

Okay, here is what i think you need.First session that are accessible from all the three domains.

Here is something for that

session_set_cookie_params(0, '/', '.your-domain.com');
session_start();

Now your session data would be shared across all your subdomains. Next, and i am simplifying this step because i noticed you wrote CPanel you need common session path for all subdomains. That is already done because by default session uses file to store session data. If you scale to multiple servers, make sure your session data is stored in some database server and accessible to all of the subdomains.

Now you need to differentiate between which subdomain did the user came from. For that it is simple add a flag variable in login system to both to write the subdomain in php session. Example

<?php
    if (user.login($username,$password)) {
      $_SESSION["authenticated"] = True;
      $_SESSION["authSource"]    = $_SERVER['HTTP_HOST'];
    }
?>

the method user.login is only for representation and not any actual method. You can change it according to your codes.

So in conclusion the first part of the code segment will share session cookies across all subdomains of your domain. and the second part will set a flag on $_SESSION on which subdomain did the authentication occur from.