Sessions with https

blckspder

Hello, I built a shopping cart for my site and it is behind a secure connection(https). When ever I initialize the session_start() or use session_register, the cart and forms do not work. Im not passing anything from a regular http:// so i figured it could work.. does this have anything to do with the https: or is it the server? I believe the secure site and the regular site are both on the same machine. and the sessions on the non-secure site work fine. Please let me know thank you.

Antoni

MarkR

You may be using inappropriate cookie settings.

Firstly, if you want any illusion of security, don't pass session IDs in the URL. Enable session.use_only_cookies instead.

Are you having problems with session state being maintained between HTTP and HTTPS pages, or between HTTPS pages?

What domain and cookie domain are you using?

Can you reproduce this in your development environment?

Does your application run with error_reporting(E_ALL) and no errors, warnings or notices normally?

Mark