Re: Loosing SESSION When Transitioning from https to http Using Session Component
I am having the same problem and here is the fix that I used: http://stackoverflow.com/questions/308659/session-not-saving-when-moving-from-ssl-to-non-ssl Hope that helps you. On Aug 17, 11:49 am, vb13 wrote: > Yes, I am doing this to save a find in a view. You are good Brian :). > > Except that the find is not a database call, it calls Salesforce via > an API so I want to save a couple of seconds of a user's time. > > Still do not understand why Cake does this while I can use $_SESSION > directly and everything works. Is this some kind of a security thing? > > Val > > On Aug 17, 12:12 pm, brian wrote: > > > Use https for the redirect, also. Either that, or redesign your app so > > you don't require thesessionvars in the other view. Are you doing > > this to save doing a find() in the "view" view? > > > On Mon, Aug 17, 2009 at 10:22 AM, vb13 wrote: > > > > I have a User Edit page that submits data over https /user/edit. The > > > controller saves data and redirects via http to /user/view. > > > > In the process I use phpsessionto read/write some data. If I access > > >sessiondata using CakeSessioncomponent, I loose mysession. As a > > > result I get redirected to a login page. This is not aproblemwhen I > > > access $_SESSION in my code directly. > > > > I tracked http requests using FF Live Http Headers plugin and noticed > > > that in addition to setting a cookie like so: > > > > Set-Cookie: TMCONSOLE=h4790sptdlflu4cenumitm8ga0; path=/ > > > > Cake also writes out > > > > Set-Cookie: TMCONSOLE=h4790sptdlflu4cenumitm8ga0; expires=Fri, 21 Aug > > > 2009 19:30:23 GMT; path=/; secure > > > > (which is why the browser drops the cookie I suppose). > > > > I assume Edit secure data / save / redirect to be a pretty standard > > > case. Does anyone else looses theirsession? How can I fix it? I > > > prefer to always accesssessionusing Cake's component. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Loosing SESSION When Transitioning from https to http Using Session Component
Yes, I am doing this to save a find in a view. You are good Brian :). Except that the find is not a database call, it calls Salesforce via an API so I want to save a couple of seconds of a user's time. Still do not understand why Cake does this while I can use $_SESSION directly and everything works. Is this some kind of a security thing? Val On Aug 17, 12:12 pm, brian wrote: > Use https for the redirect, also. Either that, or redesign your app so > you don't require the session vars in the other view. Are you doing > this to save doing a find() in the "view" view? > > On Mon, Aug 17, 2009 at 10:22 AM, vb13 wrote: > > > I have a User Edit page that submits data over https /user/edit. The > > controller saves data and redirects via http to /user/view. > > > In the process I use php session to read/write some data. If I access > > session data using Cake Session component, I loose my session. As a > > result I get redirected to a login page. This is not a problem when I > > access $_SESSION in my code directly. > > > I tracked http requests using FF Live Http Headers plugin and noticed > > that in addition to setting a cookie like so: > > > Set-Cookie: TMCONSOLE=h4790sptdlflu4cenumitm8ga0; path=/ > > > Cake also writes out > > > Set-Cookie: TMCONSOLE=h4790sptdlflu4cenumitm8ga0; expires=Fri, 21 Aug > > 2009 19:30:23 GMT; path=/; secure > > > (which is why the browser drops the cookie I suppose). > > > I assume Edit secure data / save / redirect to be a pretty standard > > case. Does anyone else looses their session? How can I fix it? I > > prefer to always access session using Cake's component. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Loosing SESSION When Transitioning from https to http Using Session Component
Use https for the redirect, also. Either that, or redesign your app so you don't require the session vars in the other view. Are you doing this to save doing a find() in the "view" view? On Mon, Aug 17, 2009 at 10:22 AM, vb13 wrote: > > I have a User Edit page that submits data over https /user/edit. The > controller saves data and redirects via http to /user/view. > > > In the process I use php session to read/write some data. If I access > session data using Cake Session component, I loose my session. As a > result I get redirected to a login page. This is not a problem when I > access $_SESSION in my code directly. > > I tracked http requests using FF Live Http Headers plugin and noticed > that in addition to setting a cookie like so: > > Set-Cookie: TMCONSOLE=h4790sptdlflu4cenumitm8ga0; path=/ > > > Cake also writes out > > Set-Cookie: TMCONSOLE=h4790sptdlflu4cenumitm8ga0; expires=Fri, 21 Aug > 2009 19:30:23 GMT; path=/; secure > > (which is why the browser drops the cookie I suppose). > > I assume Edit secure data / save / redirect to be a pretty standard > case. Does anyone else looses their session? How can I fix it? I > prefer to always access session using Cake's component. > > > --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Loosing SESSION When Transitioning from https to http Using Session Component
I have a User Edit page that submits data over https /user/edit. The controller saves data and redirects via http to /user/view. In the process I use php session to read/write some data. If I access session data using Cake Session component, I loose my session. As a result I get redirected to a login page. This is not a problem when I access $_SESSION in my code directly. I tracked http requests using FF Live Http Headers plugin and noticed that in addition to setting a cookie like so: Set-Cookie: TMCONSOLE=h4790sptdlflu4cenumitm8ga0; path=/ Cake also writes out Set-Cookie: TMCONSOLE=h4790sptdlflu4cenumitm8ga0; expires=Fri, 21 Aug 2009 19:30:23 GMT; path=/; secure (which is why the browser drops the cookie I suppose). I assume Edit secure data / save / redirect to be a pretty standard case. Does anyone else looses their session? How can I fix it? I prefer to always access session using Cake's component. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---