Session And redirect

[eluser]Suhas nazir[/eluser]
Is redirect function causes any problems to session values

[eluser]Clooner[/eluser]
[quote author="Sas" date="1283346569"]Is redirect function causes any problems to session values[/quote]
No!

[eluser]WanWizard[/eluser]
Eh... The correct answer is "that depends".

If you use cookie based sessions, you will lose session variables set in that request if you do a header redirect.
If you use database sessions (which you should), it works as advertised.

[eluser]mikecyber[/eluser]
Hi,
I use database sessions and off site redirects cause new sessions to be created.
For instance, if a user clicks a link to Twitter's oAuth when Twitter redirects the user back to my site a new session is created instead of the original session resuming. :ahhh: sums it up.

[eluser]WanWizard[/eluser]
Is that reproducable? Does it happen always or just every now and then?

[eluser]mikecyber[/eluser]
It happened continually until I set the cookie_domain to site-wide. I didn't think that would be necessary, is it usually?.

[eluser]WanWizard[/eluser]
That depends on what you mean by 'site wide'.

Normally, the cookie domain is equal to the hostname of your site. The cookie is then available to all pages of your site. If you want to restrict that, use the cookie path. You can't add a path to the cookie domain, that will render the cookie invalid.

[eluser]mikecyber[/eluser]
Ah, ok. When I had cookie_domain set to site.com sending a user to oAuth resulted in a new session. When I changed it to .site.com it worked perfectly.

[eluser]WanWizard[/eluser]
Yes. As per the RFC, if you specify an entire domain instead of just a host, you need to prefix it with a dot...