Help PHP application over SSL

Greetings,

I am building a database-driven PHP application.
Part of that app needs to run over SSL for gathering private data.

Now, when someone purchases a certificate, the domain name is
hard-coded on the certificate, right?

If so, how can I run part of the application in regular mode (http) and
the rest in secure mode (https)?

The domain name on the certificate will be something like -
www.myDomain.com

But some of the pages will be secure and some not.

Is it possible to have something like this?
Will the certificate work ok?

And should I refer to the secure pages using absolute referencing
(https://www.myDomain.com/someDirectory/securePage.php)

Thanks for any help.

Jul 17 '05 #1
> I am building a database-driven PHP application.
> Part of that app needs to run over SSL for gathering private data.
>
> Now, when someone purchases a certificate, the domain name is
> hard-coded on the certificate, right?

Correct. A typical secure site really has *TWO* virtual sites, one
secure, one not secure (with the same domain name, e.g.
https://my.domain.com and http://my.domain.com). The not secure
part has the product descriptions and such in it (typically). The
secure part has the order form, etc. on it. Depending on how much
personal data the site handles, you may want most of it secure.
Your typical secure site has AT MINIMUM an un-secure entry page
which redirects or links to the secure entry page. Nobody is going
to remember to type the "https:" part in. So that unsecure part
brags about the security and links to the secure page, or just
redirects. IF THE USER HAS TO LOG IN, MAKE THE LOG IN PAGE SECURE,
not just the response after they log in. That way, the login info
is encrypted.

> If so, how can I run part of the application in regular mode (http) and
> the rest in secure mode (https)?

Make sure you do NOT use insecure images on secure pages. Browsers
get upset about that. Otherwise, you treat it as two virtual sites
with different domains, cross-referencing each other. Limit links
to insecure pages from the secure pages, or label them with hints
like "exit secure site". Whether you use the secure or insecure
site depends on the http: vs. https: part.

> The domain name on the certificate will be something like -
> www.myDomain.com
>
> But some of the pages will be secure and some not.

Fine. You can have a secure and insecure site with the same domain
name. They may or may not have the same document root. Treat them
the same way you would two different domains on separate virtual sites.

> Is it possible to have something like this?
> Will the certificate work ok?

Yes.

> And should I refer to the secure pages using absolute referencing
> (https://www.myDomain.com/someDirectory/securePage.php)

You can refer to secure pages from other secure pages of the same
domain with relative referencing. From an insecure page, it's like
you are referencing a whole different site (which it is), so you
need the absolute referencing.

Gordon L. Burditt
Jul 17 '05 #2
Harold Crump <or**********@yahoo.com> wrote:
[snip]
> But some of the pages will be secure and some not.
>
> Is it possible to have something like this?
> Will the certificate work ok?

PHP doesn't know anything about the transport other than what the httpd
tells PHP about it. So it makes no difference at all.

> And should I refer to the secure pages using absolute referencing
> (https://www.myDomain.com/someDirectory/securePage.php)

With a little rewriteengine magic it's possible to create a relative URL
for the client which will be redirected to either http or https (it's an
example in Apache's rewrite documentation).
Jul 17 '05 #3
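
Added example, not part of the original posts: a PHP helper for the split http/https layout the replies describe. It reads the transport from what the web server reports, sends secure pages requested over http to their https URL, and builds relative links within one scheme and absolute links across schemes. The names `CANONICAL_HOST`, `SECURE_PREFIXES`, `request_is_https`, `path_needs_https`, `link_to` and `enforce_https` are assumptions for illustration; the host and directory are the ones from the question.

```php
<?php
// Added example; constant and function names are assumptions for illustration.
const CANONICAL_HOST  = 'www.myDomain.com';  // the name on the certificate
const SECURE_PREFIXES = ['/someDirectory/']; // paths served only over https

// PHP learns about the transport only from what the web server puts in $_SERVER.
function request_is_https(array $server): bool
{
    $flag = strtolower((string)($server['HTTPS'] ?? ''));
    return $flag !== '' && $flag !== 'off';
}

function path_needs_https(string $path): bool
{
    foreach (SECURE_PREFIXES as $prefix) {
        if (strncmp($path, $prefix, strlen($prefix)) === 0) {
            return true;
        }
    }
    return false;
}

// Relative reference within the same scheme, absolute URL when the scheme changes.
function link_to(string $path, array $server): string
{
    $want = path_needs_https($path);
    if ($want === request_is_https($server)) {
        return $path;
    }
    return ($want ? 'https://' : 'http://') . CANONICAL_HOST . $path;
}

// Call before any output: sends a secure page requested over http to its https URL.
// The host is the fixed certificate name, not the client-supplied Host header.
function enforce_https(array $server): void
{
    $script = (string)($server['SCRIPT_NAME'] ?? '/');
    if (path_needs_https($script) && !request_is_https($server)) {
        $uri = (string)($server['REQUEST_URI'] ?? '/');
        if ($uri === '' || $uri[0] !== '/') { $uri = '/'; }
        header('Location: https://' . CANONICAL_HOST . $uri, true, 301);
        exit;
    }
}

enforce_https($_SERVER);
echo '<a href="' . htmlspecialchars(link_to('/someDirectory/securePage.php', $_SERVER)) . '">Order form</a>';
```

When TLS is terminated by a proxy in front of the web server, the backend does not set `HTTPS`, so `request_is_https` would have to read whatever the proxy forwards instead.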
