[development] admin

[Jeff Greenberg]

Having an interesting problem, which I'm thinking is related to some 
internal security feature regarding the invoking of admin pages.


A site I'm working on can have two different incoming URL's. If one, a 
certain banner should be used, if another, then another.


The initial problem was that there's a cart, and certain pages are SSL, 
and the securepages module can't handle two possible SSL URL's. There's 
a SSL certificate for both. But when switching to https:, the correct 
one needs to be requested, otherwise the browser reports a problem with 
the certificate.


So, the way I handled it was to hook_init before securepages becomes 
involved, and check the requested URL, and if it's the second, I simply 
overwrite securepage's variable entry with a variable_set with the new 
url. Works like a charm.


Except... admin.  I have securepages set to work with admin as well, but 
when I request an admin page, the logic in hook_init that should 
variable_set the url back to the normal domain doesn't seem to fire, 
because I'll have put http://mydomain.com/admin  and it will invoke 
https://mydomain.com/admin but the variable setting will still be 
https://myotherdomain.com, so I get the certificate message.