Today I finished implementing the single logon system. It wasn’t an easy task but while learning some additional PHP techniques I managed to do it.
Because the makeyourflashgame website consists of 5 subdomains www, blog, community, base, content, and the community part is a PHPBB3 forum that has its own logon system, I had a real headbreaker in getting this to work.
however….
To learn how easy it is to create PHP sessions and cookies that span multiple sub domains sent me into a state of euforia. It launched me straight into the right direction.
I use the PHPBB forum as leading for userid/passwords. I added some additional scripts to PHPBB and integrated my own code in some PHPBB base script files 
.
If someone authenticates using the header fields in any sub-domain, a little flash app is used to do a secure call (URLRequest) to a user validation script within the PHPBB domain. PHPBB will log in and cookies/sessions are set. I integrated my code into PHPBB so if someone loggs in the normal PHPBB way the right cookies and session data is set as well and the person is logged into the sub-domains as well.
I tested it on IE8, Firefox, Chrome and Safari (for windows)
now for some code ….
I am not gonna reveal to much of my own code but if someone wants to know how to create a cookie that spans multiple domains… with .makeyourflashgame.com as an example…
public function setCookie($cookie, $value)
{
$expire = $this->si->addTime(52,"w");
setcookie($cookie,$value,$expire,"/",".makeyourflashgame.com");
}
public function clearCookie($cookie)
{
$expire = $this->si->addTime(-1,"w");
setcookie($cookie,null,$expire,"/",".makeyourflashgame.com");
}
and to create cross subdomain session state (on the same machine) you need to set the session.cookie_domain before starting the session
// set session cookie domain to main domain so the session will be available in all subdomains
$pos = strpos($_SERVER['SERVER_NAME'],".");
$server_name = $_SERVER['SERVER_NAME'];
ini_set('session.cookie_domain',substr($server_name,$pos,strlen($server_name)-$pos));
// start domain wide session
session_start();
If this website should become a success and the subdomains have to be split up into different servers, I will have to use create some other way to manage session data across multiple servers. Will probably be putting this data into a MySQL Database and use a cross domain session id cookie to access this data.
Next is …. user workspace management system.
Tags: Game Development, website