How different is https for my scripts?

Kold

Hello.

I have made what is essentially a form and database submission script. One of the forms may be being put onto a secure server.

What are the implications of doing so with regards to the PHP script? Can it still reside on the 'unsecure' server? Using my own understanding of it, it would be pointless placing the forms on a secure server and script on the normal one? Despite whether there is any point, would I need to alter my script in any way?

Any info will be much appreciated!
Thanks!
K.

devinemke

regardless of which server the form is on, the point is that the form data sent between the client and the server should be sent over a secure connection if the form data contains sensitive information. there is absolutely no added security benefit by serving up a form securely since at that point no data has been sent yet.

some might argue that there is a security benefit to this since many users like to see a little yellow pad lock in the browser while filling out a form.

you will need to change the action path of your form to point to the form processor on the secure server. be advised that switching between http and https can cause problems using sessions.

Kold

Thanks