Hi Bob, I don't have an answer but I have a question. How are you getting a PHP session to leap from HTTP to HTTPS ?? Or aren't you and that's the trouble? jason m Bob Mariotti wrote: > > I'm currently working on a PHP app that deals with a lot of different > functions (screens that is). Most of these functions are non-secured > and work just fine. However, when the time comes to collect > sensitive info such as credit card information it must be handled > securely. On my servers I support named virtual hosts therefore > only ONE of those virtual servers is SSL. So, when I am about to > deliver one of these "secured" pages I code the SSL site on the > action= tag on the form > (i.e."https://$known-ssl-server-name/$PHP_SELF") which does get me > there (sort of). >
More information about the ECLUG mailing list