• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
SSL session problem

Hi all,

I am using CI 2.0. I have a payments page in http://www.mydomain.com/pay. When the user presses the pay button he is redirected to my bank's server and after he pays (the bank speaks with a script I have at https://www.mydomain.com/payment) he is redirected to https://www.mydomain.com/success. In that page I have a url (http://www.mydomain.com/admin ) which links back to his admin. And there, is where the session is lost cause it asks him to login...

How should I handle this?

Sounds like a cookie problem.

By the way I just noticed that In the newest CI download V2.0.2 there is a new line added to the config.php file for 'cookie_secure'. see below.

I am not entirely sure but this might help you in the right direction.

| Cookie Related Variables
| 'cookie_prefix' = Set a prefix if you need to avoid collisions
| 'cookie_domain' = Set to .your-domain.com for site-wide cookies
| 'cookie_path' = Typically will be a forward slash
| 'cookie_secure' = Cookies will only be set if a secure HTTPS connection exists.
$config['cookie_prefix'] = "";
$config['cookie_domain'] = "";
$config['cookie_path'] = "/";
$config['cookie_secure'] = FALSE;

I had the same problem.
Problem was, that in my config file (config/config.php) i had a $config['base_url'] prefixed with "www." (ex. $config['base_url'] = "http://www.examle.com/";)
But after Banklink authorisation user was redirected to url without "www". (ex. "http://examle.com/banklink" )
Browser thinks it's different websites, and not shares cookies between them.

I changed base_url to http://examle.com/ and everything worked fine.

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  

  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.