retaining session variables between subdomains

[envexlabs]

Hey,

 

I'm building a cart for a client and i've run into a problem.

 

I am putting the cart contents into a mysql database and using a session id to pull the contents when the user is in the cart.

 

The products are on domain.com and the cart is located at secure.domain.com.

 

I seem to be losing the session id between locations because of the subdomain.

 

Is there a way i can force the session id to stay the same between domains, or is there a better way to store/retrieve the cart contents other than session id.

 

Thanks,

envex

[DarkWater]

Change the session domain path the .yoursite.com instead of yoursite.com.  The . in front means 'any subdomain'.

[PFMaBiSmAd]

I am going to guess that when you go between these sub-domains you are also switching from the http to the https protocol?

 

Short version (I get tired of repeating information that is not exactly a secret) - session id's are not passed between protocols because it is NOT SECURE to do so. If you have a session and any of the information you are passing back and forth between the server and the browser is important enough to use https/ssl, then use https/ssl for all portions of the site that is using a session to store anything.

[envexlabs]

So would you be able to suggest a better way to handle the cart items?

[envexlabs]

anyone?