Greetings,
I am building a database-driven PHP application.
Part of that app needs to run over SSL for gathering private data.
Now, when someone purchases a certificate, the domain name is
hard-coded on the certificate, right?
If so, how can I run part of the application in regular mode (http) and
the rest in secure mode (https)?
The domain name on the certificate will be something like - www.myDomain.com
But some of the pages will be secure and some not.
Is it possible to have something like this?
Will the certificate work ok?
And should I refer to the secure pages using absolute referencing
( https://www.myDomain.com/someDirectory/securePage.php)
Thanks for any help. 2  1679 
>I am building a database-driven PHP application. Part of that app needs to run over SSL for gathering private data.
Now, when someone purchases a certificate, the domain name is
hard-coded on the certificate, right?
Correct. A typical secure site really has *TWO* virtual sites, one
secure, one not secure (with the same domain name, e.g.
https://my.domain.com and http://my.domain.com). The not secure
part has the product descriptions and such in it (typically). The
secure part has the order form, etc. on it. Depending on how much
personal data the site handles, you may want most of it secure.
Your typical secure site has AT MINIMUM an un-secure entry page
which redirects or links to the secure entry page. Nobody is going
to remember to type the "https:" part in. So that unsecure part
brags about the security and links to the secure page, or just
redirects. IF THE USER HAS TO LOG IN, MAKE THE LOG IN PAGE SECURE,
not just the response after they log in. That way, the login info
is encrypted.
If so, how can I run part of the application in regular mode (http) and
the rest in secure mode (https)?
Make sure you do NOT use insecure images on secure pages. Browsers
get upset about that. Otherwise, you treat it as two virtual sites
with different domains, cross-referencing each other. Limit links
to insecure pages from the secure pages, or label them with hints
like "exit secure site". Whether you use the secure or insecure
site depends on the http: vs. https: part.
The domain name on the certificate will be something like -
www.myDomain.com
But some of the pages will be secure and some not.
Fine. You can have a secure and insecure site with the same domain
name. They may or may not have the same document root. Treat them
the same way you would two different domains on separate virtual sites.
Is it possible to have something like this?
Will the certificate work ok?
Yes.
And should I refer to the secure pages using absolute referencing
(https://www.myDomain.com/someDirectory/securePage.php)
You can refer to secure pages from other secure pages of the same
domain with relative referencing. From an insecure page, it's like
you are referencing a whole different site (which it is), so you
need the absolute referencing.
Gordon L. Burditt
Harold Crump <or**********@y ahoo.com> wrote:
[snip] But some of the pages will be secure and some not.
Is it possible to have something like this?
Will the certificate work ok?
PHP doesn't know anything about the transport other than what the httpd
tells PHP about it. So it makes no difference at all.
And should I refer to the secure pages using absolute referencing
(https://www.myDomain.com/someDirectory/securePage.php)
With a little rewriteengine magic it's possible to create a relative URL
for the client which will be redirected to either http or https (it's an
example in apaches rewrite documenation). This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Nora |
last post by:
Hi there!
We have created a dtd. Now, when creating xml files based on this dtd we
want to provide an own online help.
(This online help explains:
which tag can be used where,
writing schemas,
structure (parents, children), ...)
We might change to XMeltaL. But therefore I have a few questions:
|
by: serge calderara |
last post by:
Dear all,
I have an application which is suppose to start another executable process.
As soon as that process is running, I need to retrive its handle. The
problem of the particular process I am starting is that it has a welcome
window first which gets displayed and then the real windows after a while,in
other words it means that the process name is the same, but the handle I need
to retrive is the one from the final window and not the...
|
by: D. Shane Fowlkes |
last post by:
This is a repost (pasted below). Since my original post, I've double
checked the system clock and set all IIS Session Timeout values to 10
minutes. Still ...the problem occurs. I've also installed Deep Metrix Live
Stats 6.2 XPS just to make sure nothing really strange was going on was
going on. Still....the sessions only increment...or should I say my counter
in my asax file.... and never goes down.
If it matters, this machine is...
|
by: Alain \Mbuna\ |
last post by:
Hi to you all.
As a beginning programmer, I finally succeeded in finishing my first
application. I made the application with VB expr 2005 and provided the
application with a help project, which I made with HTML Help Workshop.
It works fine on my laptop, where I made the app., even after publishing
(ClickOnce) and installing from CD.
But when I want the application to run on my other computer, the application
runs well, but my...
|
by: pamelafluente |
last post by:
I am beginning aspNet, I know well win apps.
Need a simple and schematic code example to start work.
This is what I need to accomplish:
----------------------
Given button and a TextBox on a web form when one presses the button on
the web form on a client pc, the sql query which is contained in the
text box is sent to a vb net application on a server pc. The win
application sends the query to the database, collects the results,
| | |
by: pamelafluente |
last post by:
I am still working with no success on that client/server
problem. I need your help. I will submit simplified versions
of my problem so we can see clearly what is going on.
My model:
A client uses IE to talk with a server.
The user on the client (IE) sees an ASP net page containing
a TextBox. He can write some text in this text box and
push a submit button.
|
by: Jay |
last post by:
I have a multi threaded VB.NET application (4 threads) that I use to send
text messages to many, many employees via system.timer at a 5 second
interval. Basically, I look in a SQL table (queue) to determine who needs
to receive the text message then send the message to the address. Only
problem is, the employee may receive up to 4 of the same messages because
each thread gets the recors then sends the message. I need somehow to
prevent...
|
by: Coleen |
last post by:
Hi All :-)
I'm not sure where to post this, but my organization is looking for a good software application that is not terribly expensive that allows you to create documentationand help files and is able to be integrated into a .Net application. Any suggestions? Any help, suggestions, links would be greatly appreciated.
TIA,
Coleen
|
by: abhijitbkulkarni |
last post by:
Hello,
I am designing a .NET database application that uses 3 tier architecture. Starting initially, this application will be desktop application but I will convert it into a website later but design that I am planning should support both version.
Development Environment : VS2008, C#
Currently Database supported are MS SQL Server 2005 and MYSQL 5 and design for database support is extensible.
This application contains several high...
|
by: hitencontractor |
last post by:
I am working on .NET Version 2003 making an SDI application that calls MS Excel 2003.
I added a menu item called "MyApp Help" in the end of the menu bar to show Help-> About.
The application calls MS Excel, so the scenario is that I am supposed to see the Excel Menu bar,
FILE EDIT VIEW INSERT ... HELP.
I am able to see the menu bar, but in case of Help, I see the Help of Excel and help of my application, both as a submenu of help.
...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
| | |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
| | |
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
