SESSION variables lost when URL masked

[Okewood]

Apologies if this has been covered before but much searching failed to find an answer.

I have a site (say "www.site1.com") that uses $_SESSION variables to hold login information, which works perfectly when accessed using its own URL.

I have another URL (say "www.site2.com") that my web host has redirected for me to www.site1.com and "masked", so that the www.site2.com URL is shown. Problem is, when accessing the site using the masked URL, $_SESSION doesn't hold its values between pages.

Anyone come across this before?

[Muddy_Funster]

Not personaly, but I can't imagin a situation where I would be using that kind of setup.  I would expect the issue is to do with the redirect from one domain to another, it would make sense that it does not maintain a perpetual connection between pages at the end user level.  You will probably need to use custom cookies to store the info on the client machine (assuming that it has cookies enabled) as a workaround.

[Okewood]

I think you're right about the redirect/mask being the issue and the requirement is purely to keep a client happy (!), like you it's not something I'd choose but I'm still surprised there's almost nothing about it when searching the web.

[Muddy_Funster]

Can't you just have the full A record for the site2.com point to the hosted space used also by site1.com, rather than the way it is set just now?

[Okewood]

Possibly - and a good thought. Complicated by the fact that the redirect includes a query_string element that acts as a switch so that www.site1.com displays the relevant images to create a "skin" pertinent to the "www.site2.com" client. And of course, I store these images in those SESSION variables too, so along with not being able to log in, the graphics are all missing as well!

Argghhh!

[Muddy_Funster]

Couldn't you store the skin decision in the database with the other user credentials? - or be a bit more extreme and alocate skins by end user IP address.

[Okewood]

IP address is no good becase they could use it from anywhere. DB might be an option if no-one has any solutions but the site is riddled with other information held in SESSION variables - DB request arrays, sorting, etc.etc..

Cheers anyway!

[Muddy_Funster]

using cookies not an option?

[Okewood]

May be the only option - I'll ask if their "corporate" stance is to have them allowed or not.