<snip> I'm about 90% sure that URL strings are passed in the clear to SSL servers, so this would defeat the purpose of SSL. </snip>
I don't think this is true. You can see the query string in the address bar, but (with what little http knowledge I have) the http conversation is encrypted, if you sniff it, the contents will be encrypted, even the query string. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php