[PHP] PHP Sessions and SSL
Hi,
I am currently developing a site which makes use of SSL and sessions.
However, sometimes when I submit
form data (from an SSL page to another SSL page on the same server), I get
an error saying This page
contains both secure and unsecure items. Do you want to display the
nonsecure items (I have had these
results in IE5.5 and IE6, possibly IE5 too). If I press yes, a DNS error
page appears. If i press no,
a page saying simply NavigationCancelled (without any spaces) appears.
This error seems to happen
randomly, and only when form data is being sent with POST (I haven't tried
it with GET or anything else
as it may be a security risk to have the form contents displayed in the
query string).
I have found a way to fix this, however, it had some undesirable affects
with pages being cashed (and
therefore not being displayed with any changed session variables). This
fix was done using session_cache_limiter('private'),
but I don't want to use this due to these caching effects.
Does anyone have any suggestions that could fix this problem? I would be
very grateful.
Richard Hilton
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Sessions and SSL
Hi,
I am currently developing a site which makes use of SSL and sessions.
However, sometimes when I submit
form data (from an SSL page to another SSL page on the same server), I get
an error saying This page
contains both secure and unsecure items. Do you want to display the
nonsecure items (I have had these
results in IE5.5 and IE6, possibly IE5 too). If I press yes, a DNS error
page appears. If i press no,
a page saying simply NavigationCancelled (without any spaces) appears.
This error seems to happen
randomly, and only when form data is being sent with POST (I haven't tried
it with GET or anything else
as it may be a security risk to have the form contents displayed in the
query string).
I have found a way to fix this, however, it had some undesirable affects
with pages being cashed (and
therefore not being displayed with any changed session variables). This
fix was done using session_cache_limiter('private'),
but I don't want to use this due to these caching effects.
Does anyone have any suggestions that could fix this problem? I would be
very grateful.
Richard Hilton.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Sessions and SSL
I'm wondering if it's possible to somehow transfer session data across apache virtual hosts. Or if it's needed. I'd like to have a site that can pass certain session data from http: to https: Is this possible? I'd like to do this without cookies or ugly urls. I compiled php4.0.4 with transid (or whatever made transparent session data). Thanks. Jeffrey Schoolcraft -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
