Forum Moderators: coopster
I'm trying to pass the current $_SESSION[] array variables to my secure domain for payment details.
I am attempting this via passing the SID via URL thus:
example1.php (Non-SSL)
<?
session_start(); // Start Session
$_SESSION['package']='Package1';
$SID = session_id();
echo $_SESSION['package'] ;
echo "<form action='https://secure.example.com/example2.php?SID=$SID' method='post'><input type='submit' value='Continue'></form>";
?>example2.php (SSL)
<?
session_start(); // Start Session
if (isset($_GET['SID'])) {
$_SESSION['session_id']=$_GET['SID'];
}
echo $_SESSION['package'] ;
?>However, example2.php keeps coming back with "Undefined index: package"
What am I doing wrong?
However, the code is all wrong.
Firstly, read this:
[us3.php.net...]
This:
$SID = session_id();
is not needed, as SID is a predefined constant.
in example 2,
this:
$_SESSION['session_id']=$_GET['SID'];
Look closely at example 3 in the above link on the PHP site - that should help you out.
in
$_SESSION['session_id']=$_GET['SID'];
What I was attempting to do was pass the SID from the non-SSL session to the SSL session.
Basically, I have a bunch of session variables obtained during the non-SSL session:
$_SESSION['user_first_name']='Fred'
$_SESSION['user_last_name']='Blogs'
$_SESSION['user_address']='1313 Mockingbird Ln'
etc
but I am losing these when the user goes to SSL for payment and I don't want that to happen.
I looked at example 3 but didn't see how this related to my problem of transfering session variables between domains (non-SSL & SSL).
I had looked elswhere here and the solution seemed to be to pass the SID via the URL. I assumed you then just assign the current SID to be the old SID.
Thanks for any help
SID is null and if I create a variable $id=session_id() and use that in the URl, the session id is passed but the $count is not incremented.
I must have a bigger problem eh?
in
$_SESSION['session_id']=$_GET['SID'];What I was attempting to do was pass the SID from the non-SSL session to the SSL session.
OK, that's not how you do it - that'll just set a session variable called "session_id" to whatever $_GET['SID'] happens to be.
example 3 actually appears to be missing a session_start(); statement right after the opening <?php tag, as in the other 2 examples.
In any script where you need to use session variables, this must be present. Try adding this and see how you get on.
Edit: SID will be null if the session cookie is present on the client - in this case, your session cookie is probably not being set and/or read correctly, as barnes101 suggested
[us3.php.net...]
If this is the case, there should be no need to pass the session ID via the URL anyway.
Also, bear in mind that it is not possible to tell if a session cookie can be set or not on the first invocation of a script - if that is relevant in this case or not, I don't know.
[edited by: FalseDawn at 7:13 am (utc) on Oct. 31, 2006]
I added session_start() but it now comes back with "Undefined variable: count" on the second load of the page.
The URL (in the address bar) still shows ..../nextpage.php?
(no SID)
If I assign $id=session_id() and pass that, the SID appears in the address bar, but I still get the error "Undefined variable: count"
I also tried another example of storing the SID in the DB but this also failed. I seem to have a setting that's gone bad. Is there something I can look for in phpinfo() perhaps?
Thanks
[edited by: Kenton at 1:04 am (utc) on Nov. 1, 2006]
