Best way to Learn to use SSL in my PHP websites

**Rik** · Apr 25 '07, 05:35 PM

Re: Best way to Learn to use SSL in my PHP websites

KDawg44 wrote:

I have programmed a bunch of sites using PHP and MySQL but have been
tasked with writing a small ecommerce site. To do this, I will need
to use https. I have not programmed using ssl or anything like that
before and was hoping for reference to a spot to learn what I need to
do.

Your PHP & MySQL code is exactly the same. The only problem is setting
up the webserver. Most hosters have taken care of that for you.

Communicating with another site by SSL is something else. Is that what
you mean?

--
Rik Wasmus

Estimated date being able to walk again: 01-05-2007.
Less then a week, hurray!

**KDawg44** · Apr 26 '07, 01:35 PM

Re: Best way to Learn to use SSL in my PHP websites

On Apr 25, 12:44 pm, Rik <luiheidsgoe... @hotmail.comwro te:

KDawg44 wrote:

I have programmed a bunch of sites using PHP and MySQL but have been
tasked with writing a small ecommerce site. To do this, I will need
to use https. I have not programmed using ssl or anything like that
before and was hoping for reference to a spot to learn what I need to
do.

>
Your PHP & MySQL code is exactly the same. The only problem is setting
up the webserver. Most hosters have taken care of that for you.
>
Communicating with another site by SSL is something else. Is that what
you mean?
>
--
Rik Wasmus
>
Estimated date being able to walk again: 01-05-2007.
Less then a week, hurray!

Thanks for the information. I will try to explain a little more. I
have written a bunch of content websites using PHP and MySQL. I wrote
a testing engine that was used in a class I was teaching. I have
written a bunch of stuff but all for myself or friends or
organizations. I have recently started doing some side consulting and
have been asked to develop an e-commerce site. This will have a non
secure website, a secure login, and a secure shopping cart. Also, it
will have a secure reporting and administration side for the company
to manage inventory and print reports and such. I need to make sure
that when I do this the information is secure. I will also be passing
information to processing companies for payment processing.

If the webserver is what I need to be concerned about, then that is
what I will focus on. Since I have never looked into passing
information securely like this, I have no idea.

Thanks very much for your suggestions and advice.

**Rik** · Apr 26 '07, 04:55 PM

Re: Best way to Learn to use SSL in my PHP websites

KDawg44 wrote:

On Apr 25, 12:44 pm, Rik <luiheidsgoe... @hotmail.comwro te:

>KDawg44 wrote:

>>I have programmed a bunch of sites using PHP and MySQL but have been
>>tasked with writing a small ecommerce site. To do this, I will need
>>to use https. I have not programmed using ssl or anything like that
>>before and was hoping for reference to a spot to learn what I need to
>>do.

>Your PHP & MySQL code is exactly the same. The only problem is setting
>up the webserver. Most hosters have taken care of that for you.
>>
>Communicatin g with another site by SSL is something else. Is that what
>you mean?
>>
>--
>Rik Wasmus
>>
>Estimated date being able to walk again: 01-05-2007.
>Less then a week, hurray!

>
Thanks for the information. I will try to explain a little more. I
have written a bunch of content websites using PHP and MySQL. I wrote
a testing engine that was used in a class I was teaching. I have
written a bunch of stuff but all for myself or friends or
organizations. I have recently started doing some side consulting and
have been asked to develop an e-commerce site. This will have a non
secure website, a secure login, and a secure shopping cart. Also, it
will have a secure reporting and administration side for the company
to manage inventory and print reports and such. I need to make sure
that when I do this the information is secure. I will also be passing
information to processing companies for payment processing.
>
If the webserver is what I need to be concerned about, then that is
what I will focus on. Since I have never looked into passing
information securely like this, I have no idea.
>
Thanks very much for your suggestions and advice.

A 'simple' way to do this is by:
- putting the both SSL an non-SLL content in the same document root.
- making _all_ links relative (or relative to root).
- make a check on pages where SSL is absolutely required by checking
$_SERVER['HTTPS'] and possbibly do a header redirect if they're using
the non-SSL connection.
--
Rik Wasmus

Estimated date being able to walk again: 01-05-2007.
Less then a week, hurray!

Best way to Learn to use SSL in my PHP websites

Best way to Learn to use SSL in my PHP websites

Comment

Comment

Comment