Problem: hosts "http://www." and "https://secure." of the same domain need to work with the same browser session_id. This is a login/authenticate/redirect scenario. In this case the session data store is a common MySQL database, so the issues of /tmp sharing, NFS, etc. are set aside. My platform is Apache 1.3.22 and RH Linux 7.1. What PHP v4.1.x method of exchanging the session_id and session_name is most secure, most effective, and generally makes good soup? I've had some success with initial tests in appending '?PHPSESSID=29AE490...' to the URL and link hrefs, but that really seems ugly and unnecessary..... hopefully there's a better way!? This question seems to get asked a lot in the archives but there doesn't seem to be a "guideline" resolution. PLEASE and THANK YOU! RF.
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]