From: Geoffrey T. <gta...@na...> - 2001-12-05 20:02:43
|
At 02:40 PM 12/5/01 -0500, Jeff Johnson wrote: >I have a site that needs to collect credit card info. When I wrote it, >I assumed I would have an SSL cert for it so I used session variables to >store info. Since SSL certs are a pain to get, cost money, and require >an IP address for each domain (can't use virtual domains), we now have a >parent site that does SSL pages, then redirects back to the normal >domain when finished. So... > >When I first send the user to the SSL domain, can I encode _SID_ in the >url and force that domain to use the session that the user had already >started on the first domain? It sounds simple enough but I wonder what >I'm missing. > >Thanks, >Jeff That should work fine. Session IDs can be encoded as query parameters -- I'm relying on it in some code I have written. -- - Geoff Talvola gtalvola@NameConnector.com |