Your solution sounds good. That's what I use too.

<[EMAIL PROTECTED]> wrote in message
> Problem: hosts "http://www."; and "https://secure."; of the same domain need
> to work with the same browser session_id.  This is a
> login/authenticate/redirect scenario.  In this case the session data store
> is a common MySQL database, so the issues of /tmp sharing, NFS, etc. are
> aside.  My platform is Apache 1.3.22 and RH Linux 7.1.
> What PHP v4.1.x method of exchanging the session_id and session_name is
> secure, most effective, and generally makes good soup?
> I've had some success with initial tests in appending
> '?PHPSESSID=29AE490...' to the URL and link hrefs, but that really seems
> ugly and unnecessary..... hopefully there's a better way!?
> This question seems to get asked a lot in the archives but there doesn't
> seem to be a "guideline" resolution.
> RF.

PHP Database Mailing List (
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to