RE: [PHP] Re: HTTPS w/ header() ?

chicken or egg question here... assuming the directory requires authentication a la .htaccess or httpd.conf allow/deny does this methos encapsulate the authentication in the SSL or does this only eget applied after authenticating and reading the file to get the header portion. Example, current

Re: [PHP] Re: HTTPS w/ header() ?

I have done something like this. For the site I am working on, the user must log on. At the logon screen I check if(getenv(HTTPS)!=on) { header (Location: https://logon_screen;); } every page has an include that checks $HTTPS as part of the sessions and validation. If https!=on then it kicks