Reply to Re: Best way to Learn to use SSL in my PHP websites — PHP Programming Language

Posted by Rik on 04/26/07 16:56

KDawg44 wrote:
> On Apr 25, 12:44 pm, Rik <luiheidsgoe...@hotmail.com> wrote:
>> KDawg44 wrote:
>>> I have programmed a bunch of sites using PHP and MySQL but have been
>>> tasked with writing a small ecommerce site. To do this, I will need
>>> to use https. I have not programmed using ssl or anything like that
>>> before and was hoping for reference to a spot to learn what I need to
>>> do.
>> Your PHP & MySQL code is exactly the same. The only problem is setting
>> up the webserver. Most hosters have taken care of that for you.
>>
>> Communicating with another site by SSL is something else. Is that what
>> you mean?
>>
>> --
>> Rik Wasmus
>>
>> Estimated date being able to walk again: 01-05-2007.
>> Less then a week, hurray!
>
> Thanks for the information. I will try to explain a little more. I
> have written a bunch of content websites using PHP and MySQL. I wrote
> a testing engine that was used in a class I was teaching. I have
> written a bunch of stuff but all for myself or friends or
> organizations. I have recently started doing some side consulting and
> have been asked to develop an e-commerce site. This will have a non
> secure website, a secure login, and a secure shopping cart. Also, it
> will have a secure reporting and administration side for the company
> to manage inventory and print reports and such. I need to make sure
> that when I do this the information is secure. I will also be passing
> information to processing companies for payment processing.
>
> If the webserver is what I need to be concerned about, then that is
> what I will focus on. Since I have never looked into passing
> information securely like this, I have no idea.
>
> Thanks very much for your suggestions and advice.

A 'simple' way to do this is by:
- putting the both SSL an non-SLL content in the same document root.
- making _all_ links relative (or relative to root).
- make a check on pages where SSL is absolutely required by checking
$_SERVER['HTTPS'] and possbibly do a header redirect if they're using
the non-SSL connection.
--
Rik Wasmus

Estimated date being able to walk again: 01-05-2007.
Less then a week, hurray!

[Back to original message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация