Problem: hosts "http://www." and "https://secure." of the same domain need
to work with the same browser session_id. This is a
login/authenticate/redirect scenario. In this case the session data store
is a common MySQL database, so the issues of /tmp sharing, NFS, etc. are set
aside. My platform is Apache 1.3.22 and RH Linux 7.1.
What PHP v4.1.x method of exchanging the session_id and session_name is most
secure, most effective, and generally makes good soup?
I've had some success with initial tests in appending
'?PHPSESSID=29AE490...' to the URL and link hrefs, but that really seems
ugly and unnecessary..... hopefully there's a better way!?
This question seems to get asked a lot in the archives but there doesn't
seem to be a "guideline" resolution.
PLEASE and THANK YOU!
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]