Session lost when switching from HTTP to HTTPS in PHP


Hits: 4306  

Sometime we face the problem when we navigate from HTTP URL to HTTPS URL our session lost.

You can manage session between HTTP to HTTPS or HTTPS to HTTP:

1. Transmit session ID between page using GET

2. POST session ID by POST

3. Use files to save sessions

4. Use Cookies for sessions

5. Use database to save session

Below example can be used to transmit using GET….

File : http.php
……………

<?php

session_start();

$sessionID = session_id();

$_SESSION[‘svnlabs’] = ‘Demo session between HTTP HTTPS’;

echo ‘<a href=”https://www.svnlabs.com/https.php?session=’.$sessionID.'”>Demo session from HTTP to HTTPS</a>’;

?>

File: https.php
……………

<?php

$sessionID = $_GET[‘session’];

session_id($sessionID);

session_start();

if (!empty($_SESSION[‘svnlabs’])) {
echo $_SESSION[‘svnlabs’];
} else {
echo ‘Demo session failed’;
}

?>
IE7 : This page contains both secure and nonsecure items

You have to use relative path for all static resource on page like css, js, images, flash etc. to avoid IE message secure and nonsecure items…

IE message

Well! stay with us….. 🙂