Session across domains

[salewit]

I've got a site I'm working on using session variables. My hosting is shared, and at one point must cross into a secure server, so the address will change from say

http://www.domain.com/nextgoestosecure.php

to

https://secure.servername.com/~user/continue.php.

When this happens, I lose my session variables. I tried putting this into my link that jumps from domain.com:

header ("Location:

https://secure.servername.com/~user/continue.php?PHPSESSID="

. $PHPSESSID);

and it does carry the session ID in the URL, but it's not restoring my session variables. Sorry if this is a basic question. I searched around and couldn't find an answer that I could understand.

Thanks so much,
Sam

 

[jpadie]

couple of ideas:

1. use an iframe to display the secure page and have the framing page on your normal server (and instantiate the session on that page). to the extent that you need to pass a message back, write a text file or do some javascript coding to write the variables you need back into the framing page before moving to the next page.

2. send the session variables to the secure server and then send them back again. recreate the old session by writing all the variables (something like:

$vars = serialize($_SESSION); //serialize the session vars
header("Location:[URL unfurl="true"]https://www.domain.com/page.php?sessvars=$vars");[/URL] //pass them serialized string to the new page

//pass them back in exactly the same way (no need to reserialise unless you use the string on the secure site in which case adapt the code below 

// to reuse the vars 
$vars = unserialize($_GET['incomingsessionvars'])
foreach ($vars as $key=>$val)
{
  if ($key != "PHPSESSID") {$_SESSION[$key] = $val;}
}

//

3. run the session through cookies instead.

there is a good discussion on session management on the php.net website.

hth
Justin

 

[Bastien]

another option is to store the session variables in a db table

Bastien

I wish my computer would do what I want it to do,
instead of what I tell it to do...