Solution of HTTP and HTTPS cross-domain sharing session in PHP _php tips

The problem of cookie invalidation is resolved under HTTP, HTTPS protocol session sharing, which provides an interim solution.
Implementation principle: Set the session ID to a local cookie.

As follows:

Copy Code code as follows:

$currentSessionID = session_id ();
session_id ($currentSessionID);

The following is the implementation code, divided into HTTP and https two parts.

1,http section:

Copy Code code as follows:

<?php
Session_Start ();
$currentSessionID = session_id ();
$_session[' testvariable '] = ' session worked ';
$secureServerDomain = ' www.jb51.net ';
$securePagePath = '/safepages/securepage.php '
Echo ' <a href= ' https://'. $secureServerDomain. $securePagePath. ' session= '. $currentSessionID. ' > here jumps to HTTPS protocol </a> ';
?>

2,https part

Copy Code code as follows:

<?php
$currentSessionID = $_get[' Session '];
session_id ($currentSessionID);
Session_Start ();
if (!emptyempty ($_session[' testvariable ')) {
echo $_session[' testvariable '];
} else {
Echo ' session did not work. '
}
?>

Description
There is a security problem, the session ID transmission is not encrypted, you can sniff detect, get this session ID and then get session data.
It is recommended that you encrypt this ID.