Sorry for the vagueness of the subject line but I wasn't sure what to put.
Here's what I'd like to do: 1- user comes to my web site with normal (non-SSL) connection 2- user enter login name and password 3- data is submitted to a PHP script via SSL connection to same web server 4- PHP script checks password 5- If everything is ok user is directed to restricted page The reason I want to use SSL is simple, so that sniffers can pick up a clear text password. The reason I don't want to whole site using SSL is because of the overhead in incurs. I figure I can use sessions to force people to log in. If someone doesn't log in the proper session variables are not set and they cannot get any of the pages on my web site. (each page would check that the proper session var was registered). Is this approached do-able? Is it recommended? If this approach is ok what I can't figure out is how to get my login page to submit data via SSL. Suggestions welcomed! Jc -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
