something very wrong with SESSIONS

sorry for my english, but i will try to explain my problem - i have site that using a lot of subdomains when I run scenario in main subdomain www.site.com and add some information to The SESSION inside that scenario, then I redirected to subdomain.site.com, and here the SESSION is empty

this 开发者_StackOverflow社区is my settings for cookie

$this->Cookie->domain = ".site.com";        
$this->Cookie->key = md5('key');        
$this->Cookie->path = '/';

i tried to save THE SESSION in files, but it doesn't helps

Configure::write('Session.save', 'cake');

i tried this ini_set('session.cookie_domain', '.site.com'); but it didn't helps too

any ideas?

IE has problems accepting cookies if there is an underscore (_) in the subdomain. e.g. subdomain.tld.com is OK. sub_domain.tld.com BAD. Could be that.

When the CakePHP 'Security.level' is set to 'high' or 'medium', CakePHP sets the PHP session.referer_check to your site hostname.

However, when the user clicks a link inside an email client, the referer check test fails and the session is marked as invalid.

What you have to do is the following:

1) Set CakePHP 'Security.level' as 'low'

OR

2) Provide a custom session configuration for CakePHP, as shown here, setting 'session.referer_check' to an empty string, this way:

ini_set('session.referer_check', '');