Hey

I am using PHPs built in session handeling for a usersystem. My problem is I have two sites: MySite.com and OtherSite.com

They both use the same usersystem. Is there any way I can integrate them? So when a user logs in one, and navigates to the other, s/he does not have to relogin.

i would guess not because cookies are limited to one domain so your session cookies or any other cookies wont be accessible by your other site
you could try to use $_GET vars i am not sure how you would go about it though

Scott.

If you wanted to sacrifice a little security you could theoretically add a table to your database schema which would keep track of currently logged in users and create a unique id for each user and send the data to the other server as well.

As a part of the test for login status both servers could check the users ip/mac combo and test it against the database of "logged in" people and update their session cookies accordingly.

That's a rough idea, and it does carry with it significant security risks so be sure to weigh those against the inconvenience of dual logins.

is it possiable to get the mac address of the receiver?
and with NAT a large company/organization could be using the same ip and mac address any way

Scott.

is it possiable to get the mac address of the receiver?
and with NAT a large company/organization could be using the same ip and mac address any way

Scott.

Yes it is, it's one of the mechanisms used in secure login authentication, but you're right about the company or even anybody behind a router. So if two people on a router were logged into the same site you would have issues.

As I said, it wasn't a perfect solution by any means, but if you included an ajax script on both sites you might be able to set cookie info across the servers and use a variable with a unique hash which could be added to the database and checked.