I am trying to have one session between the secure and the non secure part of my website. I have read some other posts but none of them had exactly what i needed.

Here is what i already know:

1. I have a central database and i have a session handling file.

2. I can't keep the secure and non-secure parts of the website separate because parts of it need to be in the secure area and parts of it don't. I don't really want to put the whole thing through SSL.

3. I need a session_id as soon as a user enters the website, not once the user logs in. The reason is that it is a shopping cart website and hence you need to be able to add things to the cart before login, and each user needs to have their own cart and hence u need the session_id right away.

With all that in mind, the reason its not working is that the secure part of the website is giving the database a new session_id compared to the one at the non-secure site. Why is this happening? Why are they receiving separate session_ids?

I am using the same browser window to access both sites. Does anyone have any ideas on how you could still make this work?

Thanks
Oliver