I'll try to explain:

If you have a form at a http URL and the action of the form is to a 
https URL, then the data from the form is submitted to the new URL in an 
encrypted format.

hope that helps,

Jason Caldwell wrote:
> I'm a little confused about how HTTPS actually works when you call it via a
> FORM tag or HEADER("Location: ...")
> This may sound like a stupid question -- but it was never explained to me,
> so...
> I have my users fill out (for example) FORM A -- this form has basic
> non-secure info.  Then they press SUBMIT, now on FORM B, I want them to fill
> out their payment information.
> Now, I notice that when I go to web sites and fill out payment information,
> I see the little lock icon at the bottom of my browser, and the
> https://yadadada in the URL field... however, I'm unclear about something...
> If I call FORM B with HTTPS will my blank FORM B transmit to the user
> encrypted, and will I have to call HTTPS again for my PHP CC Processing App?
> In other words, what's taking place when I call a form or page with HTTPS?
> Is it that the data only gets encrypted on a SUBMIT ?
> Dunno if my question makes much sense .. but I guess I'd like to know if
> it's even required for me to call FORM B in a secure state (for the users CC
> data to be SENT encrypted), but instead just call the process attached to
> the FORM (submit button) on FORM B in HTTPS ?? Does that make sense?
> Jason
> "Miguel Cruz" <[EMAIL PROTECTED]> wrote in message
>>On Thu, 4 Jul 2002, Jason Caldwell wrote:
>>>Is there a way I can programmatically switch between HTTPS and HTTP... I
> use
>>>a lot of INCLUDE's instead of HEADER("Location: ...");
>>>Can I use HEADER in another way (without redirecting) to activate HTTPS
> or
>>>HTTP for any given page?
>>Nope. The protocol is determined by the client when it makes its request.
>>Once your code is running, it's too late. At that point you can only
>>redirect to a https:// URL, which leads the client to generate a new

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to