envexlabs Posted October 12, 2008 Share Posted October 12, 2008 Hey, I'm building a cart for a client and i've run into a problem. I am putting the cart contents into a mysql database and using a session id to pull the contents when the user is in the cart. The products are on domain.com and the cart is located at secure.domain.com. I seem to be losing the session id between locations because of the subdomain. Is there a way i can force the session id to stay the same between domains, or is there a better way to store/retrieve the cart contents other than session id. Thanks, envex Quote Link to comment Share on other sites More sharing options...
DarkWater Posted October 12, 2008 Share Posted October 12, 2008 Change the session domain path the .yoursite.com instead of yoursite.com. The . in front means 'any subdomain'. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted October 12, 2008 Share Posted October 12, 2008 I am going to guess that when you go between these sub-domains you are also switching from the http to the https protocol? Short version (I get tired of repeating information that is not exactly a secret) - session id's are not passed between protocols because it is NOT SECURE to do so. If you have a session and any of the information you are passing back and forth between the server and the browser is important enough to use https/ssl, then use https/ssl for all portions of the site that is using a session to store anything. Quote Link to comment Share on other sites More sharing options...
envexlabs Posted October 12, 2008 Author Share Posted October 12, 2008 So would you be able to suggest a better way to handle the cart items? Quote Link to comment Share on other sites More sharing options...
envexlabs Posted October 13, 2008 Author Share Posted October 13, 2008 anyone? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.