I've searched the archives and relevant web sites to no avail, so as a
last resort I'm turning to this knowledgeable group of people.
I'm working to set up a user authentication system using native PHP 4
sessions on a box running Apache, mod_perl, mod_ssl, PHP (the lastest),
etc.
PHP was compiled with the following options:
'./configure' '--with-sybase-ct=/usr/local/freetds'
'--with-config-file-path=/usr/local/lib' '--with-
apache=../apache_1.3.19' '--enable-track-vars' '--enable-memory-
limit=yes'
Here's the problem:
The browser is redirected by Apache (in the current setup, which for
other reasons won't be changed) from a URL like
http://somebody.com/foo/bar to a URL like https://somebody.com/bar.
I have had no luck getting sessions, session ids, HTTP_POST_VARS, etc to
successfully survive the redirect when the user moves between pages in
the site. (passing variables through the url works, but we need
something more secure than that).
My feeling is that I'm missing something obvious. Cookies are enabled
and working. I can start sessions and store variables, but only within
one page. Once the user goes through a redirect (to the same server),
everything is lost. It doesn't _seem_ like this should be a limitation
of PHP, but maybe it is.
Can anyone help clarify this?
Thanks,
Andrew Elliston
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]