Forum Moderators: coopster
i m junior programmer... and i m really in a mess with this https to http stuff...
====>My Problem:
1. Not able get any global variables from https to http.. as those are considered as different domains....
2. when my user logs in i want some of it info in http but my sessions are created in https so i m not able to access it.
====>What i have tried
1. I have tried to get all the $GLOBALS variable over https to http but failed every time....
2. i have tried to pass hidden variables from https to http...but the problem is i have to put them into form which should be posted all the time ...
====> My Questions..
1.. Is this the right way what i am doing ?
2. If Yes.... how can i make a form should submit my data everytime without any event (accept javascript or with javascript)... i have not tried by adding javascript coz what if script in browser so i need to do it without it...!?
3..if u can suggest me other option which is better than this than i am ready to listen.?
Thanks for reading my post .. if u have solutions please provide me....
Thanks,
Bhavin Shah
If you need to pass the data from secure to non-secure mode you should be able to set the session cookie to bridge between the two. The PHP manual page for session handling is a must read for anybody using sessions and be sure to read and understand what each session configuration directive [php.net] does.
what i have done
session_set_cookie_params(0,"secure.mydomain.com/file.txt",".mydomain.com");
i have written this line when i have verified log in and created session registered variables.... i have put this line before session_start()
and when i have called session_get_cookie_params() it gave me all the default variable which are specified in php.ini...
well what i think for my solution ====>>
i should ask my hosting company to set this in my domain php.ini
session_set_cookie_params(0,"secure.mydomain.com/file.txt",".mydomain.com");
httpdocs and httpsdocs are at same level....
so i have to give static path to access session params....
and when ever i need to access sesssion which are created in secure site i ll call session_get_cookie_params(); before i start the session or i use any $_Session['VariableName']
this is what i understood from the the link u provided not much example to do it .....
please tell me should i continue with my thought or i am missing something?
Thanks,
Bhavin Shah
the reason i have put ".mydomain.com" i am guessing that as httpdocs & httpsdocs are same level
httpdocs is accessible : www.mydoamin.com
httpsdocs is accessible: secure.mydomain.com
and i want to access secure.mydomain.com session in www.mydoamin.com
so am i able to do it with this string?
session_set_cookie_params(0,"secure.mydomain.com/file.txt",".mydomain.com");
?
eg:
http://www.example.com/index.php?sid=123 => [secure.example.com...]
Then you examine the /GET array to retrieve the id. You compare/validate it against the sessions stored and you issue the 2nd cookie if everything is good.
