First off start your secure page with something like the following at the top:
Code:
<?php
if (!$_SERVER['HTTPS'] == 'on'){
header("Location: https://www.mydomain.com".$_SERVER['PHP_SELF']);
}
?>
That will cause the web server to use secure sockets. It is important that the php tag is the very first line of the file, or the headers will already have been sent and you will get an error.
After that you can just write normal html up to the point you need your dynamic data. There you open a php tag "<?php" query the database and use "echo" to send the result to the client, close the tag "?>" and drop back into html. Posted form variables are available in an array $_POST['myvar'], and those sent in the URL - format: "myfile.php?myfirstvar=foo&mysecondvar=bar" - are available in $_GET['myvar']. You can go back and forth between html and php as often as you like within a file, but it can get a bit difficult to understand your own code if you overdo it!
The php manual at php.net is comprehensive and generally easily understood, but I know a few people who've been caught out by not realising that one blank line at the start of the file is enough to break setting the secure header, or setting a cookie for that matter.
Bookmarks