Your solution sounds good. That's what I use too.
<[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Problem: hosts "http://www." and "https://secure." of the same domain need
> to work with the same browser session_id. This is a
> login/authenticate/redirect scenario. In this case the session data store
> is a common MySQL database, so the issues of /tmp sharing, NFS, etc. are
> aside. My platform is Apache 1.3.22 and RH Linux 7.1.
> What PHP v4.1.x method of exchanging the session_id and session_name is
> secure, most effective, and generally makes good soup?
> I've had some success with initial tests in appending
> '?PHPSESSID=29AE490...' to the URL and link hrefs, but that really seems
> ugly and unnecessary..... hopefully there's a better way!?
> This question seems to get asked a lot in the archives but there doesn't
> seem to be a "guideline" resolution.
> PLEASE and THANK YOU!
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]