I have a login page with a form where users enter there login and password. The form's action is "https://mysite.com/login.php".
login.php authenticates the user and if the authentication is successful it ends with a:
header("Location: http://mysite.com/welcome.html?a=b&c=etc...");
The problem I am facing is that the flow of event is:
http -> https -> http
and this causes IE and Netscape to put up an alert box telling users that they are leaving a secured site.
The IE messages is:
"You are about to be redirected to a connection that is not secure. The information you are sending to the current site might be retransmitted to a non-secure site. Do you wish to continue?"
I only want to use HTTPS for the parts of my web site that actually need it and nothing else. The way I have things set up now I receive the data through HTTPS, use it, and then put the user back on a "regular" HTTP connection since I don't need https anymore. But I get browsers throwing up these warnings ....
Is there a way around this? The messages are annoying at best and probably scary to users ...
Thanks,
Jc
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php