Session variables & different URLS

Anon

I have a php application that needs to pass a session variable from one url to another.
The reason for this is that one url is non-secure and the other is secure. Both url's point to the same server and same directory. So far all my tests fail to retain the session variable information.
Here is an example test scenario:

Non-secure page: (www.<url>.com/test.php)
<?php
session_register("test_var");

$test_var = "Hello World";

echo "<a href=\"https://www.<new_url>.com/secure.php?<SID?>\">click for test</a>";

Secure page: (www.<new_url>.com/secure.php)
<?php
session_register("test_var");

echo $test_var;

Any ideas would be appreciated.

Blair.

alfoxy

do you have session_start() at the top of the pages ?
You have the set up the wrong way around, it should be ...
$test_var = "Hello World"; ...then...
session_register("test_var");
You check a var by
echo $HTTP_SESSION_VARS['test_var'];

Anon

Thanks for the input but it didn't make any difference. $HTTP_SESSION_VARS['test_var'] still is empty on the secure page.

Blair.

alfoxy

Have you tested it on a non secure page?
Al

Anon

yes, works fine.
I'm not sure if the php server deletes the sessid file when you leave the non-secure url or if it just doesn't allow access from the secure url.

bretticus

testing....coudl post earlier (MySQL error)

bretticus

you need not to re-register your session variable in the secure page. In fact I would suspect that this resets the value (allthough I have not tried it). Use session_start() in the secure page unless you have configured php.ini to turn on sessions implicitly.