Check if the browser transmit the Session ID in the first http connection,
and if the SID transmitted in https is equal to the SID transmitted in
http...
it's possible that turning https to http cause that php think that it's
another domain...
Look at the settings in php.ini or use ini_alter function...
------------------------------
Federico
[EMAIL PROTECTED]
------------------------------
Ben Edwards <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]
> We have a site which logs in using https (secure site) but the rest of the
> site is in http (non-secure site). We are doing this because we do not
> have/want to pay for a secure key. The login form posts back to itself
so
> the whole login is in https.
>
> The problem is the session variables set in https (username and ip
address)
> are not available in http. Has anybody got any word rounds/solutions for
this?
>
> Regards,
> Ben
> *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+
> * Ben Edwards [EMAIL PROTECTED] +352 091 429995 *
> * This Email account is protected by http://www.spamcop.net *
> * ALL spam is reported to ISP and there network provider *
> * Homepage http://www.gifford.co.uk/~bedwards *
> * i-Contact Progressive Video http://www.videonetwork.org *
> * Smashing the Corporate image http://www.subvertise.org *
> * Bristol's radical news http://www.bristle.co.uk *
> * Open Directory Project http://www.dmoz.org *
> *+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
