losing session ID

cougarhockey

When someone on the site goes from www.mysite.com to https://mysite.com (no www) their session ID changes

first time buying an SSL and was told I didn't need to have the www there, but then if i have https://www.mysite.com it comes up saying the cert doesn't match the site... https://mysite.com does though

is there an easy fix to this so I don't lose the session ID without reworking everything?

thanks

bastien

when you change protocols, you will essentially sign onto a diff site...so sessions are gone...you can counter this by placing a cookie on the client machine that points to a session record in the db or use to recreate the session on the server with the secure protocol

cougarhockey

thanks for the reply

I ended up just writing a javascript that detects if they entered the site via www.mysite.com and if they did then it redirects them to mysite.com

it's a temp fix for now. I'll have to do the cookies later

thanks