Need some assistance with an idea which seem to be complicated as I think of it and can't seem to figure out an appropriate implementation.
I'm working on a hosted service app which requires a php logging system to identify the user and their respective account. On this first login --if successful, a welcome information (user account info etc...) is displayed; also displayed, is the login page of actual application, in an iframe, within this welcome page.
Why use the iframe, you would ask? I want to display the second login feature on the welcome page of the first login system. On this page, the client is able to see and edit their account information or simply login into the application. On login (the second login system), the application is loaded in a new browser as a full screen.
My current challenge is whether I’m able to carry "$session" information of both login systems –the first one called “main_session.php” and second called “session.php”, within this new browser containing the app?
Note: Once in the application, the second login session works fine within the application, authenticating all pages within. Now I want to make sure that the session information from the first login system is functional with the application. So that the url of the application pages cannot be accessed without first having gone through the first login system.
I do trust that this is making some sense.
I appreciate any suggestions.