Hi Kim, my url is t i v o n a . c o m . a u

I have tested a lot trying to see what differences between HTTPS pages and HTTP pages, and what consequences would happen.
I think my previous description isn't accurate enough. The session seems like not lost, but two different sessions for HTTPS and HTTP.

What I have found are:

(All done under IE, and all tested on the first time to open the site (it means the session must be cleared before trying again)

1.
When the site is opened, there is a zenid generated, eg. zenid=c66d48a24712cf0c74269f03d11414c4.
After clicking on a HTTPS page, eg. Login page, zenid is the same, c66d48a24712cf0c74269f03d11414c4.
After logged in, zenid changes to a different one, eg. zenid=080bbc7121e22366aeb6db7ce51f19a3. But when I checked request['zenid'] now, the request['zenid'] is the first one c66d48a24712cf0c74269f03d11414c4. (When I tested by using Firefox/Chrome, the request['zenid'] this time should be the same as zenid which is the one generated after directly logged in). So now, if you click on any HTTP page, then it shows you not logged in yet...

2.
When the site is opened, then you click on a HTTP page first, after that, click on a HTTPS page, eg. Login page, and this time, you can't even login.

3.
If copy the login page address, eg. http://domain/index.php?main_page=login directly on IE and log in, then no problem at all changing pages from HTTPS to HTTP, or HTTP to HTTPS. zenid and requst['zenid'] this time, they are the same all the way.

4.
If I don't enable SSL in the configure.php, "define('ENABLE_SSL', 'false');", then I can not even login under IE.
(but there was once I did log in successfully, only one time, and I could changing pages without any problem, still stay logged in. However, no matter how many times I try now, can not log in anymore, really weird....)

Please help! This is really annoying me and it's been a couple of days trying to figure it out and still can't.
Now it seems like even I disable SSL, still have problem to login..
Thanks in advance.