thanks for the insights. :)
basically the 2 files are from 2 different domains saving to the same
database server. the 2 sites share the same userbase. and when the
registration form is submitted to the 2nd site, upon successful
registration, it will redirect back to the 1st site and display a
success page. otherwise it will redirect back to the 1st site and
prompting them an error.
you probably wonder why the complexity of the above scenario. basically
the 2nd site has a ssl cert while the 1st site doesn't. so as a cost
saving measure, the 1st site will be using the 2nd site's ssl cert to
complete the user registration process.
hope the above make sense to you.
Michael Sweeney wrote:
>Your form action parameter has an absolute url specifying an https
>protocol. When the browser submits the form, it uses the url you specify
>which is https. So the request is going to be encrypted. You might
>consider serving the form page from https as well to kind of tighten
>things up a little, but the data will be posted under https which is an
>encrypted connection. Your main problem is going to be the fact that the
>http and https services are accessing two different file system spaces
>(or they should be unless you've got your server badly misconfigured) so
>the http://...register.php is going to be a different file from the
>https://...register.php. You might want to reconsider your design.
>On Tue, 2002-07-02 at 04:21, B.C. Lance wrote:
>>the above question has been puzzling me for a while. the situation is this.
>>display a user registration form having
>>[form action="https://domainname.com/register.php" method="post"]
>>will the data from that page be encrypted when it is sent via https
>>specified in the [form] action?
>>note: the registration form is served from http.
>>could someone enlighten me on this?
>>PHP General Mailing List (http://www.php.net/)
>>To unsubscribe, visit: http://www.php.net/unsub.php