http session -> https sessions

[cmgmyr]

Ok, i have a site that uses both http and https. I have the login on the http side and once I go to checkout items (in the https side) I get re-directed to the login page (which is supposed to happen when someone isn't logged on). I only get redirected in FF and Opera, IE works fine...go figure. Anyways...how can I use the same session information on both sides?

 

Thanks,

-Chris

[phat_hip_prog]

I'm just coming to this, but there is a https SID ($_SERVER['SSL_SESSION_ID']) as well, maybe try an alias, e.g. if(x=SID)or(y=SSID)), if you see my meaning.

P.S. I've not even checked if there the same?

[cmgmyr]

I tried to do this (which i don't know if its right)

$_SESSION['customers_id'] = $customers_id;   
$_SERVER['SSL_SESSION_ID'] = $customers_id; 

 

and this for my user checking

function getUser(){
	if(isset($_SESSION['customers_id'])) return $_SESSION['customers_id'];
	if(isset($_SERVER['SSL_SESSION_ID'])) return $_SERVER['SSL_SESSION_ID'];
}

 

It didn't work with this set up. Any ideas?

[phat_hip_prog]

Tbh I don't really use these session variables, however I wouldn't of thought by you changing the value would work because the server will generate the id each time the page is loaded (and not store the value you set). I'm thinking of storing both the general SID and the https SID, then check if strcmp($_SERVER['https'], 'on') == 0), if so I use the https SID, else I use the normal SID... dunno i'll tell you more next week when i've got to it.

[cmgmyr]

*bump* anyone else?