How can be checked if user already logged in from another site?
The elgg is located on subdomain, I need to know on the main domain if user already loggedin to redirect him, if I make the api request the functions like
elgg_is_logged_in()
doesn't work, it's always empty result.
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by RaĆ¼l Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.
You can't use this function on another site to check the user's status.
You should use Web services
You need to do the following:
on the main domain file where you want to call elgg_is_logged_in, include your autoload.php file from the absolution path of your subdomain.
Once you are done with that then you can now call elgg_is_logged_in() from your mail domain.
Make sure the Elgg cookie is set with a subdomain wildcard otherwise request headers will not contain the session cookie.
@ihayredinov What do you think about the general security of the site when using this include?
Obviously this only works as long as things are hosted in the same server. I can't think of any issues with this approach - sharing cookies across subdomains is a normal practice. The only problem that it's an expensive way to check auth status, but that's another question.
The main points of using this method which I wanted to hear from you. Thanks for your opinion.
Thank you for answers,
Yes, am using the services,
in my expose function I wrote
but result the same:
both are empty
Where exactly is your autoload.php file. I believe you said that its in a subdomain i.e some other folder right? Is the path correct?
Also in response I see the Elgg cookies, it's alright:
Yes my subdomain in the different directory on the server, subdomain.domain.com, the server just has CNAME with hostname * on this domain name.
- Previous
- 1
- 2
- Next
You must log in to post replies.