Should the entire browsing session be HTTPS after login, or just for important functions like "login" and "checkout"
If noly for those function, who should I design to jump back an forth. I know DB should be used for cart items, but when I jump to HTTPS, should I enclude the session ID (which will be stored in the DB) as a GET query string field? If not, how else will I be able to know which user to continue with. I don't see any functions that will let you specify which session ID to continue with. What is the best practice?
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
