Maintain login session between http & https
Posted: Tue Oct 17, 2006 9:51 am
Hi guys,
First of all, apologies if this has been answered in the past. Just signed up to this forum, and couldn't find exactly what I was after.
I have a site where there are two urls:
http://www.example.com
https://secure.example.com
I wish to maintain a login session between the two. So I can pick & choose which pages are secure, whilst always maintaining the same session when switching between the two.
All the site's files are in the same directory, but if you use the secure url for a page it just makes that particular page secure.
I've been reading that you can store the session id in the database, store the session id in a cookie, then validate it on the non-secure area (and logging in automatically if it matches up). Unfortunately when I switch between the two my cookie isn't being passed. I'm using setcookie(). Is this just really setting a session? As I thought cookies were browser-side, and wouldn't matter if I switched between http & https...
I cannot find a satisfactory tutorial on this subject anywhere.
Please help!
First of all, apologies if this has been answered in the past. Just signed up to this forum, and couldn't find exactly what I was after.
I have a site where there are two urls:
http://www.example.com
https://secure.example.com
I wish to maintain a login session between the two. So I can pick & choose which pages are secure, whilst always maintaining the same session when switching between the two.
All the site's files are in the same directory, but if you use the secure url for a page it just makes that particular page secure.
I've been reading that you can store the session id in the database, store the session id in a cookie, then validate it on the non-secure area (and logging in automatically if it matches up). Unfortunately when I switch between the two my cookie isn't being passed. I'm using setcookie(). Is this just really setting a session? As I thought cookies were browser-side, and wouldn't matter if I switched between http & https...
I cannot find a satisfactory tutorial on this subject anywhere.
Please help!