I'll try to explain:
If you have a form at a http URL and the action of the form is to a
https URL, then the data from the form is submitted to the new URL in an
encrypted format.
hope that helps,
colin
Jason Caldwell wrote:
> I'm a little confused about how HTTPS actually works when you call it via a
> FORM tag or HEADER("Location: ...")
>
> This may sound like a stupid question -- but it was never explained to me,
> so...
>
> I have my users fill out (for example) FORM A -- this form has basic
> non-secure info. Then they press SUBMIT, now on FORM B, I want them to fill
> out their payment information.
>
> Now, I notice that when I go to web sites and fill out payment information,
> I see the little lock icon at the bottom of my browser, and the
> https://yadadada in the URL field... however, I'm unclear about something...
>
> If I call FORM B with HTTPS will my blank FORM B transmit to the user
> encrypted, and will I have to call HTTPS again for my PHP CC Processing App?
>
> In other words, what's taking place when I call a form or page with HTTPS?
> Is it that the data only gets encrypted on a SUBMIT ?
>
> Dunno if my question makes much sense .. but I guess I'd like to know if
> it's even required for me to call FORM B in a secure state (for the users CC
> data to be SENT encrypted), but instead just call the process attached to
> the FORM (submit button) on FORM B in HTTPS ?? Does that make sense?
>
> Jason
>
> "Miguel Cruz" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
>
>>On Thu, 4 Jul 2002, Jason Caldwell wrote:
>>
>>>Is there a way I can programmatically switch between HTTPS and HTTP... I
>>
> use
>
>>>a lot of INCLUDE's instead of HEADER("Location: ...");
>>>
>>>Can I use HEADER in another way (without redirecting) to activate HTTPS
>>
> or
>
>>>HTTP for any given page?
>>
>>Nope. The protocol is determined by the client when it makes its request.
>>Once your code is running, it's too late. At that point you can only
>>redirect to a https:// URL, which leads the client to generate a new
>>request.
>>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
