SSL and session
This is a discussion on SSL and session within the PHP Language forums, part of the PHP Programming Forums category; I was wondering if someone could help me with a problem that I'm having in retrieving session variables on ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
10-06-2003
|
|||
|
|||
SSL and session
I was wondering if someone could help me with a problem that I'm having
in retrieving session variables on a site I am working on for a friend. I have made the site more developer friendly by passing the filename for the page body through the URL, e.g www.mysite.com?page=body1.php. This works well allowing simply writing the code for the body without having to change the page header, footer and sidebar. For example, the index.php looks something like this: ################ <?php include_once($path.'/includes/phpBB_session.php'); include_once($path.'/includes/common.php'); include_once($path.'/includes/functions.php'); ?> <html> <head> <title></title> </head> <table> <tr> <td colspan="4"> <?php include('header.php'); ?></td> </tr> <tr> <td> <?php include ($path.$page); ?> </td> <td> </td> <td><?php include('rightmenu.php'); ?> </td> </tr> <tr> <td colspan="3"><?php include('footer.php'); ?> </td> </tr> </table> </body> </html> ################ I have also integrated phpBB sessions throughout the site - fairly straightforward as well. This is phpBB_session.php: ################ define('IN_PHPBB', true); $phpbb_root_path = $_SERVER['DOCUMENT_ROOT'].'/phpbb/'; require_once($phpbb_root_path . 'extension.inc'); require_once($phpbb_root_path . 'common.php'); // // Start session management // $userdata = session_pagestart($user_ip, PAGE_INDEX); init_userprefs($userdata); // // End session management // ################# Now I can tailor the content of the page body depending on whether users are logged in or not and based on their group membership in phpBB. This has worked very well. I now want to implement a classified ad system and need to securely capture users credit card details. The certificate is working. The problem starts when I call the page "https://www.mysite.com? page=classifieds.php". When I try to echo $userdate['username'] in classifieds.php nothing shows up. All of the session variables are empty. Strangely if i put $userdate['username'] in headers.php and footer.php it appears. If i stick the code for classifieds.php in index.php, $userdate ['username'] appears. I suspect that because I am passing the body of the page dynamically through the URL it is somehow filtered or reset when using ssl. I would still like to use my dynamic way of calling page body content rather than have to resort to a less dynamic solution. Is it just the nature of the beast (ssl) that I can't do it this way? Not having used ssl before I'm a bit lost. I have tried passing the session id to the new page through the URL but I can't seem get it working that way either (again not sure why). Any help appreaciated. 
|
Linear Mode
