chris
Reputation: 2951
https form validation not passing SESSION VARIABLES - PHP
I had my form processes working perfectly but after renaming the form action to
<form action="https://www.example.com/validate.php" method="post">
for working with an SSL certificate it stopped working. Seems as though the SESSION variables are no longer being passed properly...
Is there something I should know about https and forms? If I keep the form action path relative it works fine but will my form be secure?
Upvotes: 1
Views: 1824
Answers (1)
mauris
Reputation: 43619
- Debug whether cookies send to HTTP site is also sent to HTTPS site or not.
- Is your HTTPS server able to be loaded at the first place? Maybe the configuration is not right or something.
- If it is relatively path, it will not be secured, since your page is not secured.
- You can try loading the page with this form on the secure HTTPS server, and do the postback. (i.e. secure -> secure)
Next, you might want to pass your Session ID of the non-secure page to the secure page.
e.g. at Form page:
<form action="https://www.example.com/validate.php" method="post">
<input type="hidden" value="<?php echo session_id(); ?>" name="sid" />
at postback page:
session_id($_POST['sid']);
you should be able to reconnect to the session. hope it helps.
Upvotes: 2
Related Questions
- PHP Session not being passed
- Form with login and password not working
- Validating form using php session
- Understand & fix php session lost between https and http
- Passing session variables between HTTP and HTTPS
- POSTing to https form not always working
- PHP session HTTP to HTTPS problem
- php form validation using session variable
- php sessions empty using ssl?
- PHP SESSION variables between https and http