How to share cookies and sessions between domain and subdomain?

I’ll skip steps related to sharing DB and sharing users data and meta, based on assumption that you’ve done it correctly.

Let’s concentrate on wp-config.php of both sites. These are defines that MUST BE IDENTICAL for both sites:

define('COOKIE_DOMAIN', '.domain.com'); // your main domain
define('COOKIEPATH', "https://wordpress.stackexchange.com/");
define('COOKIEHASH', md5('domain.com')); // notice absence of a '.' in front

and

generated once only, KEYs and SALTs, copied to wp-config.php of both sites.

Now, if you login as any user on one site, you will be logged in, as the same user on the second site.

But wait. What happens, when you create a new user on one site, login as just created user on the same site, and try to access /wp-admin/ of the second site? You can expect to see the following message:

Sorry, you are not allowed to access this page.

This is because, on the second site, the newly created user does not have any role assigned, yet.

How to avoid user not being synchronized on both sites, in case of user’s creation or change to user’s profile?

I wrote a plugin, which should be placed in /wp-content/mu-plugins of both sites. Let’s make a new file fpw-sync-users.php, with the following code in it:

<?php
// Users synchronization
function fpw_synchronize_admins_on_admin_login( $user_login, $user ) {
    if ( array_key_exists( 'administrator', $user->caps ) ) {
        global $wpdb;
        $site_prefix = $wpdb->prefix;
        $admins_only = true;

        $other_prefixes = array(
            'wp_',
        );

        $args = array( 
            'fields'    => 'ID',
        );
        if ( $admins_only )
            $args[ 'role' ] = 'administrator';

        $users = get_users( $args );

        foreach ( $users as $id ) {
            $cap = get_user_meta( $id, $site_prefix . 'capabilities', true );

            foreach ( $other_prefixes as $prefix )
                update_user_meta( $id, $prefix . 'capabilities', $cap );
        }
    }
}
add_action( 'wp_login', 'fpw_synchronize_admins_on_admin_login', 10, 2 );

function fpw_synchronize_user_on_admin_register( $id ) {
    $me = wp_get_current_user();
    if ( array_key_exists( 'administrator', $me->caps ) ) {
        $other_prefixes = array(
            'wp_',
        );
        $user = get_user_by( 'id', $id );
        $cap = $user->caps;
        foreach ( $other_prefixes as $prefix )
            update_user_meta( $id, $prefix . 'capabilities', $cap );
    }
}
add_action( 'user_register', 'fpw_synchronize_user_on_admin_register', 10, 1 );

function fpw_synchronize_user_on_profile_update( $user_id ) {
    if ( current_user_can( 'edit_user', $user_id ) ) {
        $other_prefixes = array(
            'wp_',
        );
        $cap = array( $_POST[ 'role' ] => true, );
        foreach ( $other_prefixes as $prefix )
            update_user_meta( $user_id, $prefix . 'capabilities', $cap );
    }
 }
add_action('edit_user_profile_update', 'fpw_synchronize_user_on_profile_update');

and copy it to both destinations.

Now, edit the plugin of the first site, by replacing ‘wp_’ with real table prefix of the second site, in all three $other_prefixes arrays. Edit second site’s plugin, using real table prefix of the first site, as a replacement.

From now on, users on both sites will be fully synchronized, and login on one site will make this user, logged in on both sites.

Related Posts:

  1. Is it possible to transfer a WordPress session to a different browser via query string?
  2. Disconnect automattically after X minutes
  3. How I can share cookies from my dimain to subdomain?
  4. How to change WordPress cookies to be session-only
  5. Authorize subdomain to access and read user and admin cookies
  6. COOKIE_DOMAIN chaos
  7. Correct user session/cookie handling with external site connection in wordpress
  8. Get WordPress logged in username from root domain when WP is installed in a subfolder
  9. Looking to load a different template part on every load/refresh
  10. Capture and display users name
  11. WordPress keep logged in after browser close
  12. Removing username from the ‘wordpress_logged_in’ cookie
  13. How to use alias domain for multisite installation?
  14. Place a cookie when a specific page has been viewed?
  15. Htaccess for Wordpess set on single subdomain
  16. Using wp_set_auth_cookie for custom user account system
  17. Should wordpress_logged_in cookie exist while logged out?
  18. Clearing cookie on logout and session expiration
  19. Display message once per session to users with a specific role
  20. Worpdress PHPSESSID / EU law
  21. Do I use cookies?
  22. Hide/Show content based on cookie
  23. $_SESSION variables lost during OAuth callback
  24. ERROR: Cookies are blocked or not supported by your browser
  25. How do I use different domain for subdomains in WP Multisite?
  26. How can i run the same WordPress install on multiple subdomains?
  27. How would you detect if WordPress is installed in a subdirectory (not root)?
  28. Random popup image per user with no repeat
  29. How to get session token of current user in wp_login hook?
  30. Deleting cookie to logout
  31. How to retrieve TLD domain for the current website?
  32. Unset a Cookie on Successful Gravity Forms form Submission [closed]
  33. How set a cookie from PHP and get it without refresh
  34. Why wordpress cookies name contains HASH
  35. Change the user is logged in cookie name
  36. can we share user login in 2 wordpress installs in 2 subdomains on one server? [duplicate]
  37. background/font size change and remember
  38. Modifying request $_COOKIE
  39. How to implement a $_SESSION alternative in WordPress inside a theme without a plugin?
  40. WordPress Keeps Logging Out – What Tests Can I Run to Solve This?
  41. User Session and Stored Cookies not get removed
  42. Need help setting cookies with multiple value [closed]
  43. How to store post ID’s in cookie or session to display the same posts later
  44. Check if user is logged in to site A when visiting site B
  45. How to setup cookie free domain for wp-includes?
  46. COOKIE_ID with username appended
  47. iframe does not store session/cookie when refresh parent
  48. Setting Cookies For Form Autofill
  49. Redefine cookie domain for subdomains
  50. Installed WordPress Location
  51. How to use different domains for different blogs hosted in the same host in subdomains with .htaccess
  52. Issues with set cookie
  53. Accept or deny cookies – how to?
  54. WordPress Post Voting – Vote once per IP on entire site
  55. $_SESSION variable not saving on page refresh or new page
  56. wordpress can’t read a cookie?
  57. Do I need a Cookie consent on a basic WordPress site?
  58. Automatically generator a WordPress installation on my subdomain
  59. Page specific cookie
  60. One time login on 2 different WordPress sites
  61. Relative Root Url For Sub domain name
  62. Error when setting cookie
  63. How to keep a variable in COOKIE or GET query string?
  64. Add session or cookie to remember last menu location
  65. Is there something I need to know in order to use WordPress on foreign (Swedish) TLDs?
  66. Codeless random token generation to pass into multiple tracking links in a single page load
  67. Can’t login to WordPress admin panel after changing domain to use WordPress pages as a fallback from React
  68. Favicon not loading until cookies are accepted?
  69. Set cookie parameters on wp site – PHP not working?
  70. can you help review CCCP (Conditional Cookie Content Post) and help to create a block?
  71. Setup cookie on Chrome even without HTTPS
  72. How can I get an updated cookie in header.php?
  73. Setting a Custom Cookie in WordPress only for Logged In Customer/User (non-admin)
  74. How are sites using wordpress hiding wordpress cookies that have “wp” or “wordpress” in the cookie name?
  75. Login issue with subdomain installs
  76. How Do I Redirect a WordPress Website?
  77. Entirely Cookieless WordPress?
  78. How can I move the subdomain to the root domain?
  79. Multisite has SSL certificate, but media library is still http://
  80. Use WP user status (logged_in) to manage access to independent application
  81. is_user_logged_in() returns different values on different pages
  82. how to remember specific action/event for current user?
  83. new WPMS site not working / Q setting up new site/subdomain
  84. When ever wordpress home page refreshes the code is not reading the cookie as set anymore
  85. http_referrer issue when detecting where site comes from and allow if from allowed host
  86. detect referr page
  87. Question of the subdomain
  88. Cookie is not set
  89. Logged In cookie gets saved but not Auth cookie
  90. is_user_logged_in() not working after domain change
  91. setcookie not working when defined with ‘/’ but working if not defined
  92. Why WordPress not logout after I have close my browser?
  93. How to use Cookie or Session php for one page and just a password
  94. How to create short urls for sharing and downloadable content?
  95. Serve HTTPS requests from subdomain
  96. Share login status across subdomains without network
  97. I have a question about the name of my blog [closed]
  98. How to get the id dynamically to store cookies
  99. Multiple Domains Same Install Different Static Pages
  100. Change author URL from /author/xyz to a subdomain xyz.domain.com for each new registered users

Leave a Comment