Page 1 of 1

Wildcard SSL and sessions

Posted: Fri Aug 18, 2006 5:11 am
by mbaroz
Hi
I need help , I have wildcard certificate that i use for other domains as Mydomain.maindomain.com and the HTTP domain is: http://www.Mydomain.com

When i redirecting/linking from HTTP session to HTTPS session i loose the session Vars/ARRAYS
I would like to use a simple page that copies whole arrays / vars from the HTTP Session ->https

I tried to pass the PHPSESSID to the HTTPS session using $_COOKIE['PHPSESSID']=session_id();

well it is working only on the HTTPS session But loose all when im back to the HTTP session

Please help , any other solution ? ( i dont want to start managing a table in the Database..)

Thanks
moshe

Posted: Fri Aug 18, 2006 7:34 am
by volka
I cannot reproduce the behaviour.
Which browser do you use?

Posted: Fri Aug 18, 2006 9:05 am
by feyd
Pass the session ID via the URL. Transferring across security boundries is a division line for cookies most often.

Wildcard SSL and sessions

Posted: Fri Aug 18, 2006 9:44 am
by mbaroz
I am using IE / Mozilla FireFox

Posted: Fri Sep 08, 2006 3:54 pm
by RobertGonzalez
Not to drag up an old thread, but when passing a session id by URL, we use SID or PHPSESSID as the get var?

Posted: Fri Sep 08, 2006 4:02 pm
by feyd

Code: Select all

'?' . rawurlencode(session_name()) . '=' . rawurlencode(session_id())
is my preferred sort of way.

Posted: Fri Sep 08, 2006 6:20 pm
by RobertGonzalez
That is sweet. Thanks feyd.