Just wanted to say thanks, as I ran into this problem and this led me to the fix. For any one else, here is a bit more information: http://stackoverflow.com/questions/308659/session-not-saving-when-moving-from-ssl-to-non-ssl
On Dec 4, 10:13 am, Mathew <[EMAIL PROTECTED]> wrote: > Hi Robert, > > I've never done what you have done, but I'm sure it's possible because > most people do shopping carts this way. > > The problem might be that Cake is switching to secure cookies when it > finds the current URL is using HTTPS. The cookie is used to store the > session ID and when the switch to secure cookies happens maybe Cake > can't find the insecure cookie and starts a new session. > > I'm not sure if Cake supports this? You might have come across a bug. > > You might have to pass the session ID in the URL when switching from > HTTP to the HTTPS and then use that ID in the HTTPS session to recover > the old session. > > Here are the methods for getting and setting the session ID. > > $session->id() will return the current session ID. > $session->id($id) will set the session ID. > > The other work around is to comment out the code in Cake that switches > to secure cookies. > > if ($ini_set && env('HTTPS')) { > ini_set('session.cookie_secure', 1); > > } > > I only recommend this if you know for sure you don't need secure > cookies. I also don't know if this is a wise security thing to do. > > Let me know if that helps? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---