Hello everyone, I'm having the following errors and hope that someone can help. Please advise.
I have an authentication script that uses session to authenticate and track the user. Every was working fine under HTTP, but when I move the application to a secure server (HTTPS), my session variables no longer hold their values. They all return BLANK. Am I missing something? Please asdvise. //Sample Code //login.html [html Form code goes here ... with action='https://www.site.com/login.php?option=login' ] //authentication //login.php if(username and password match) { session_save_path('/tmp'); session_name('sName'); session_start(); [** get user id, user type, and name from db...] //set session vars $_SESSION['userid'] = $database->userid; $_SESSION['type'] = $databe->type; $_SESSION['ACCESS'] = 'PASS'; }else{ echo '...invalid username/password...'; } ... //access restricted subpage // otherpage.php //check access. This code is actually in a function called Authenticate() that return TRUE on a successfull match. if(isset($_SESSION['ACCESS']) and $_SESSION['ACCESS']=='PASS'){ echo 'This is a valid user...'; }else{ echo 'Authentication failed...Access denied...'; } Now, the authentication failed (on the last page (otherpage.php), because the $_SESSION variable is empty. a quick print_r($_SESSION) statement returns an empty array. Basically, the $_SESSION content is not being preserved. Any idea what is causing that? Please advise. _john =P e p i e D e s i g n s www.pepiedesigns.com Providing Solutions That Increase Productivity Web Developement. Database. Hosting. Multimedia. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php