Zen Cart (OsCommerce fork) has redirect loop on admin login

Posted by talkingnews 
December 03, 2011 12:57PM
Apologies in advance for the length of this message, I'll try and get all the relevant info in 1 post:

The server:
Ubuntu 11.10
Nginx 1.0.10
php-fpm 5.3.8

Brand new clean fresh install of Zen Cart 1.3.9h - this is a fork of OsCommerce, which I know works fine on NGINX as there is a Wiki page with the rewrite rules for it.

The front end runs like a dream - REALLY fast even on a tiny underpowered VPS.
I can add things to my cart, I can go to secure checkout, the SSL works....
When I try and access the admin login page...

The code for the admin login page is http://pastebin.com/Di92PuXw
The code for the application_top.php included at the beginning is http://pastebin.com/e6Zv02pQ

Here's what the browser diagnosis is showing me as it keeps redirecting:

*************************************************************************************
https://31.172.xxx.xxx/my-store/myadmin/login.php?zenAdminID=csg401388f95i1nfuvfqn3imt4
https://31.172.xxx.xxx/my-store/myadmin/login.php?zenAdminID=0vtc775qcc8a8ekga7k1sp8sg5
https://31.172.xxx.xxx/my-store/myadmin/login.php?zenAdminID=87tmi164gqk4ji88vaicj0a5u1
https://31.172.xxx.xxx/my-store/myadmin/login.php?zenAdminID=j9oqih37fi35c1jj71hprrkue6
*************************************************************************************

And here's some sample headers and responses from one of those redirects....
Request Headers
*************************************************************************************
Request URL:https://31.172.xxx.xxx/my-store/myadmin/login.php?zenAdminID=t8b6f5i68r6rs3v8aiskgfa4l3
Request Method:GET
Status Code:302 Moved Temporarily
Request Headers
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8,en-GB;q=0.6
Cache-Control:max-age=0
Connection:keep-alive
Cookie:__utma=118755147.1755733436.1322859425.1322859425.1322864297.2; __utmb=118755147.16.10.1322864297; __utmc=118755147; __utmz=118755147.1322859425.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Host:31.172.xxx.xxx

User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.7 (KHTML, like Gecko) Chrome/16.0.912.59 Safari/535.7
Query String Parameters
zenAdminID:t8b6f5i68r6rs3v8aiskgfa4l3
*************************************************************************************
Response Headers
Cache-Control:no-store, no-cache, must-revalidate, post-check=0, pre-check=0

Connection:keep-alive
Content-Type:text/html; charset=iso-8859-1
Date:Fri, 02 Dec 2011 23:23:09 GMT
Expires:Thu, 19 Nov 1981 08:52:00 GMT
Location:https://31.172.xxx.xxx/my-store/myadmin/login.php?zenAdminID=jf9knnkrfoq9mdjptrh4lvgdr3
Pragma:no-cache
Server:nginx/1.0.10
Set-Cookie:zenAdminID=jf9knnkrfoq9mdjptrh4lvgdr3; path=/my-store/myadmin; domain=.31.172.xxx.xxx; HttpOnly
Transfer-Encoding:chunked
X-Powered-By:PHP/5.3.8-1~dotdeb.2
*************************************************************************************

I've tried changing the sessions and cache from DB to file. I've looked in the cache dir for debug files - nothing. I've tried both http and https.
I've rebooted the VPS, my PC and the router to pick up another IP address.

I've cleared the browser cache and cookies, I've tried another browser, I've read the FAQs and the wiki. I've looked in the server error log (nothing). I've checked the file permissions. I've checked the php memory config.

And this all started when I tried to move a store from an apache to an nginx server.

I know the server config is up to running stuff OK because I run a busy phpBB3 site on the same nginx-only config, as well as a Wordpress site fully loaded with lots of plugins.

There's something about that login file which is causing it to keep sending a new zenAdminID but I've been at this 9 hours now poring through the files, especially login.php and application_top and I'm just out of ideas now.

This is the server access log for the time the login page was redirecting.
*************************************************************************************
91.125.242.xxx - - [03/Dec/2011:10:29:54 +0000] "-" 400 0 "-" "-"
91.125.242.xxx - - [03/Dec/2011:10:29:54 +0000] "GET /zen/adminz/login.php HTTP/1.1" 302 5 "-" "Mozilla/5.0 "
91.125.242.xxx - - [03/Dec/2011:10:29:55 +0000] "-" 400 0 "-" "-"
91.125.242.xxx - - [03/Dec/2011:10:29:55 +0000] "GET /zen/adminz/login.php HTTP/1.1" 302 5 "-" "Mozilla/5.0 "
91.125.242.xxx - - [03/Dec/2011:10:29:55 +0000] "-" 400 0 "-" "-"
91.125.242.xxx - - [03/Dec/2011:10:29:55 +0000] "GET /zen/adminz/login.php HTTP/1.1" 302 5 "-" "Mozilla/5.0 "
91.125.242.xxx - - [03/Dec/2011:10:29:55 +0000] "-" 400 0 "-" "-"
91.125.242.xxx - - [03/Dec/2011:10:29:55 +0000] "GET /zen/adminz/login.php HTTP/1.1" 302 5 "-" "Mozilla/5.0 "
91.125.242.xxx - - [03/Dec/2011:10:29:55 +0000] "-" 400 0 "-" "-"
91.125.242.xxx - - [03/Dec/2011:10:29:55 +0000] "GET /zen/adminz/login.php HTTP/1.1" 302 5 "-" "Mozilla/5.0 "
*************************************************************************************

And to show that the application at least loads, this is the output when you turn the ZenCart debugging on:
*************************************************************************************
actionPoint=>0 include('/var/www/clients/client0/web1/web/zen/includes/classes/class.base.php');
actionPoint=>0 include('/var/www/clients/client0/web1/web/zen/includes/classes/class.notifier.php');
actionPoint=>0 $zco_notifier = new notifier();
actionPoint=>0 include('/var/www/clients/client0/web1/web/zen/includes/classes/sniffer.php');
actionPoint=>0 include('includes/classes/logger.php');
actionPoint=>0 include('/var/www/clients/client0/web1/web/zen/includes/classes/shopping_cart.php');
actionPoint=>0 include('/var/www/clients/client0/web1/web/zen/includes/classes/products.php');
actionPoint=>0 include('includes/classes/table_block.php');
actionPoint=>0 include('includes/classes/box.php');
actionPoint=>0 include('includes/classes/message_stack.php');
actionPoint=>0 include('includes/classes/split_page_results.php');
actionPoint=>0 include('includes/classes/object_info.php');
actionPoint=>0 include('/var/www/clients/client0/web1/web/zen/includes/classes/class.phpmailer.php');
actionPoint=>0 include('/var/www/clients/client0/web1/web/zen/includes/classes/class.smtp.php');
actionPoint=>0 include('includes/classes/upload.php');
actionPoint=>10 require('includes/init_includes/init_file_db_names.php');
actionPoint=>10 require('includes/init_includes/init_database.php');
actionPoint=>10 require('/var/www/clients/client0/web1/web/zen/includes/version.php');
actionPoint=>20 require('includes/init_includes/init_db_config_read.php');
actionPoint=>30 require('includes/init_includes/init_gzip.php');
actionPoint=>30 $sniffer = new sniffer();
actionPoint=>40 require('includes/init_includes/init_general_funcs.php');
actionPoint=>40 require('includes/init_includes/init_tlds.php');
actionPoint=>60 require('includes/init_includes/init_sessions.php');
actionPoint=>70 require('includes/init_includes/init_languages.php');
actionPoint=>80 require('includes/init_includes/init_templates.php');
actionPoint=>90 $zc_products = new products();
actionPoint=>90 require('includes/functions/localization.php');
actionPoint=>100 $messageStack = new messageStack();
actionPoint=>120 require('includes/init_includes/init_special_funcs.php');
actionPoint=>130 require('includes/init_includes/init_category_path.php');
actionPoint=>140 require('includes/init_includes/init_errors.php');
*************************************************************************************

I've tried it in IE, Opera, Firefox and Chrome. I've also changed all the cookie settings to all possible combinations, and I've used both IP and domain name to reach the site.

Any ideas would be greatly appreciated. Thank you!
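
A way to triage a capture like the one in the post above, as an added example that is not part of the original thread: it checks whether each redirect returns to the same page with only the session ID changed, and whether the session cookie set by one response comes back on the next request. The host `shop.example`, the session IDs and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

SESSION = "zenAdminID"  # session name seen in the post's URLs and Set-Cookie header
BASE = "https://shop.example/my-store/myadmin/login.php?zenAdminID="

def hop(old_id, new_id):
    """Build one constructed 302 hop shaped like the capture in the post."""
    return {"url": BASE + old_id, "status": 302, "cookie": "__utmc=118755147",
            "location": BASE + new_id,
            "set_cookie": f"{SESSION}={new_id}; path=/my-store/myadmin; HttpOnly"}

# Constructed sample: host and session IDs are placeholders, not values from the post.
HOPS = [hop("id1", "id2"), hop("id2", "id3"), hop("id3", "id4")]

def pairs(header):
    """Parse 'a=1; b=2' from Cookie or Set-Cookie into a dict (bare flags map to '')."""
    out = {}
    for part in (header or "").split(";"):
        name, _, value = part.strip().partition("=")
        if name:
            out[name] = value
    return out

def url_session(url):
    """Session ID carried in the query string, or None."""
    return parse_qs(urlsplit(url or "").query).get(SESSION, [None])[0]

def triage(hops, min_hops=3):
    """Summarise a captured chain: is it a loop that only swaps the session ID?"""
    churn = cookie_back = 0
    prev_issued = None
    for h in hops:
        src, dst = urlsplit(h["url"]), urlsplit(h.get("location") or "")
        same_page = (src.netloc, src.path) == (dst.netloc, dst.path)
        new_id = url_session(h.get("location"))
        # A redirect to the same script whose only change is a fresh session ID.
        if h["status"] in (301, 302, 303, 307) and same_page \
                and new_id and new_id != url_session(h["url"]):
            churn += 1
        # Did the browser send back the cookie the previous response set?
        if prev_issued and pairs(h.get("cookie")).get(SESSION) == prev_issued:
            cookie_back += 1
        prev_issued = pairs(h.get("set_cookie")).get(SESSION)
    loop = churn >= min_hops
    return {"loop": loop, "churn_hops": churn, "cookie_returned": cookie_back,
            # Every request presented an ID in the URL, yet a new one was issued.
            "id_presented_but_replaced": loop
                and all(url_session(h["url"]) for h in hops)}
```

The request shown in the post carries only `__utm*` cookies, which corresponds to `cookie_returned` being 0 for the constructed chain.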
Re: Zen Cart (OsCommerce fork) has redirect loop on admin login
December 03, 2011 01:12PM
Just to add, I have, of course, put all this detail on the Zen Cart forum, but they've not been able to come up with anything.
Re: Zen Cart (OsCommerce fork) has redirect loop on admin login
December 04, 2011 04:25PM
Well, after 18 hours (no joke!) of going round and round in circles, with a little help from the developer of Zen Cart we spotted something:

For a script running called phpinf0.php we get

_SERVER["PHP_SELF"] /phpinf0.php/phpinf0.php

which is clearly wrong and breaks certain scripts.

Finally, I ended up right back here!

http://forum.nginx.org/read.php?11,212439,212439#msg-212439

locojohn's server setup is different to mine, and I am using ISPConfig so I have worker pools for php-fpm, so this is what I did:

Comment out the line

fastcgi_param SCRIPT_NAME $fastcgi_script_name;

in /etc/nginx/fastcgi_params - that made Zen cart login work! But... it broke phpmyadmin.

So, my phpmyadmin block now looks like this

location /phpmyadmin {
    root /usr/share/;
    index index.php index.html index.htm;
    location ~ ^/phpmyadmin/(.+\.php)$ {
        try_files $uri =404;
        root /usr/share/;
        include /etc/nginx/fastcgi_params;
        fastcgi_param SCRIPT_NAME $fastcgi_script_name; # THIS is what needs adding
        # .... rest of file etc
    }
}

I don't know of any way of "unsetting" a server var/param once it's been set, because obviously, it would be better to REMOVE it from the one place it's causing trouble with the old script and leave the master config untouched, rather than delete it from the master file and have to add it back to various other locations "just in case". Any ideas?

This is noted in php bugs at https://bugs.php.net/bug.php?id=55208 but nothing has really been done since 2011-07-17 and as they're discussing 5.3.6 and I'm on 5.3.8, I guess it hadn't been resolved. However, it HAS taken up my entire weekend, so I'll be putting some effort into waking the bug report up a bit!