is an include call to ssl server secured?
Posted: Thu Feb 16, 2006 1:14 pm
Note: When I use the word "key" below, I simply mean a text string used by my scripts, not an encryption key.
I (actually my client -- not me) have an unencrypted server with the mySQL database, etc. Then I have another server with ssl provided by the hosting company. The only script on the ssl server is the one for taking payment info. I want to send a unique key to the ssl server with each customer, and I'd like it to be over the secure line. So instead of sending the key to the customers browser (over the unsecured line) as part of the link to the secure server, if I send the key directly to the secure server via an include call then redirect the clients browser with a header statement, would that connection (the include for sending the key) be secured?
In other words, does the unsecured server get the same protection when communicating with a secured server via a php include call, as a web browser does when communicating with the secured server? Thanks in advance.
I (actually my client -- not me) have an unencrypted server with the mySQL database, etc. Then I have another server with ssl provided by the hosting company. The only script on the ssl server is the one for taking payment info. I want to send a unique key to the ssl server with each customer, and I'd like it to be over the secure line. So instead of sending the key to the customers browser (over the unsecured line) as part of the link to the secure server, if I send the key directly to the secure server via an include call then redirect the clients browser with a header statement, would that connection (the include for sending the key) be secured?
In other words, does the unsecured server get the same protection when communicating with a secured server via a php include call, as a web browser does when communicating with the secured server? Thanks in advance.