Moving $_SESSION across domains...

dalecosp

I have $_SESSION vars at [url]http://www.mysite.com,[/url] and it's time to input all that sensitive stuff like your name, credit card number and favorite ice cream flavor. Do I simply pass some variable (like PHPSESSID) in a GET string or POST var to https://secure.mysite.com (as long as it's on the same box) and PHP knows what to do?

TIA...

mogster

I'm out on a limb on this, but I think that if the cookie is set with the "domain.com" argument, it'll be valid for any protocol at that domain (or scheme, as they call it @ php.net).

But check out the setcookie-function at php.net - it contains all sorts of useful info.

knutm

dalecosp

Yeah, I guess I can look at setcookie() ; I am curious, though, because www.mysite.com is a name-based Apache virthost, and https://secure.mysite.com isn't; as near as I can tell in other types of operations, Apache treats them as totally different servers. If PHP doesn't, that'll be real good news.

Hopefully I'll have time in the next coupla days to get this tested and find a solution.

Thanks for your post...!!