Re: [PHP] sessions broken when redirected?

Thu, 29 Mar 2001 11:47:27 -0800 

I don't know 100& for sure, but I believe since it is going to an https
link, it considers it a new domain(or something) and that's why the sessions
aren't persisting.  The same thing happens if you redirect from say
www.domain.com to www2.domain.com.  I odn't know any way around it, except
encoding, passing in URL and decoding on the other side.

jon


----- Original Message -----
From: <[EMAIL PROTECTED]>
To: "Php-General@Lists. Php. Net" <[EMAIL PROTECTED]>
Sent: Thursday, March 29, 2001 2:57 PM
Subject: [PHP] sessions broken when redirected?


> I've searched the archives and relevant web sites to no avail, so as a
> last resort I'm turning to this knowledgeable group of people.
>
> I'm working to set up a user authentication system using native PHP 4
> sessions on a box running Apache, mod_perl, mod_ssl, PHP (the lastest),
> etc.
>
> PHP was compiled with the following options:
>
> './configure' '--with-sybase-ct=/usr/local/freetds'
> '--with-config-file-path=/usr/local/lib' '--with-
> apache=../apache_1.3.19' '--enable-track-vars' '--enable-memory-
> limit=yes'
>
> Here's the problem:
> The browser is redirected by Apache (in the current setup, which for
> other reasons won't be changed) from a URL like
> http://somebody.com/foo/bar to a URL like https://somebody.com/bar.
>
> I have had no luck getting sessions, session ids, HTTP_POST_VARS, etc to
> successfully survive the redirect when the user moves between pages in
> the site. (passing variables through the url works, but we need
> something more secure than that).
>
> My feeling is that I'm missing something obvious. Cookies are enabled
> and working. I can start sessions and store variables, but only within
> one page. Once the user goes through a redirect (to the same server),
> everything is lost. It doesn't _seem_ like this should be a limitation
> of PHP, but maybe it is.
>
> Can anyone help clarify this?
>
> Thanks,
> Andrew Elliston
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to