PHP simple implementation of HTTP and HTTPS cross-domain Sharing session Solution

Source: Internet
Author: User
This article mainly introduces PHP's simple solution for implementing HTTP and HTTPS cross-domain sharing sessions. The method described in this article is relatively simple. For more information, see

This article mainly introduces PHP's simple solution for implementing HTTP and HTTPS cross-domain sharing sessions. The method described in this article is relatively simple. For more information, see

Solution to cookie failure through session sharing over HTTP and HTTPS: (maybe not the best, but practical)

The principle is to set the session id to a local cookie,

The Code is as follows:


$ CurrentSessionID = session_id ();
Session_id ($ currentSessionID );


Simple Example code:

(HTTP)

The Code is as follows:


Session_start ();
$ CurrentSessionID = session_id ();
$ _ SESSION ['testvariable'] = 'session worked ';
$ SecureServerDomain = 'www .sjolzy.cn ';
$ SecurePagePath = '/safePages/securePage. php'
Echo 'click here to jump to the HTTPS protocol ';


(HTTPS)

The Code is as follows:


$ CurrentSessionID = $ _ GET ['session'];
Session_id ($ currentSessionID );
Session_start ();
If (! Emptyempty ($ _ SESSION ['testvariable']) {
Echo $ _ SESSION ['testvariable'];
} Else {
Echo 'session did not work .';
}


This is a bit of a security issue, because in this case, the session id is not encrypted, and others can sniff and detect it, get this session id, and then get your session data. You can encrypt this id if necessary.

The cookie settings of a magento site have been invalid for many days. The last thing I realized was that the cross-domain communication between HTTP and HTTPS invalidates the COOKIE ..

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.