This article mainly introduces how to solve the problem of cross-origin session sharing between http and https. For more information, see session sharing under HTTP and HTTPS protocols, A temporary solution is provided here.
Implementation principle: Set the session id to a local cookie.
As follows:
The code is as follows:
$ CurrentSessionID = session_id ();
Session_id ($ currentSessionID );
The following is the implementation code, which consists of http and https.
1. http:
The code is as follows:
<? Php
Session_start ();
$ CurrentSessionID = session_id ();
$ _ SESSION ['testvariable'] = 'session worked ';
$ SecureServerDomain = 'www .bitsCN.com ';
$ SecurePagePath = '/safePages/securePage. php'
Echo 'click here to jump to the HTTPS protocol ';
?>
2. HTTPS section
The code is as follows:
<? Php
$ CurrentSessionID = $ _ GET ['session'];
Session_id ($ currentSessionID );
Session_start ();
If (! Emptyempty ($ _ SESSION ['testvariable']) {
Echo $ _ SESSION ['testvariable'];
} Else {
Echo 'session did not work .';
}
?>
Note:
A bit of security problems, the transfer of session id is not encrypted, can be detected by sniffing, get this session id and then get session data.
We recommend that you encrypt this id.