mrdahjr
11-04-2010, 09:22 PM
I have a form located in a folder, inside SSL. Once completed the form saves all data to a mysql database, all handled while never leaving SSL. I am assuming this process is secure. This form/process is called by link from the main page, which is not in SSL.
Once stored in the database, is it safe to retrieve any data from this database when not inside SSL? If so, I usually store said data in a session (using $_SESSION) - am I safe to assume the data is safe, even if not inside SSL?
I read somewhere that forms and the data posted by forms need to be protected, but data stored in $_SESSION does not need SSL, and I just wanted to clarify. Thanks.
Once stored in the database, is it safe to retrieve any data from this database when not inside SSL? If so, I usually store said data in a session (using $_SESSION) - am I safe to assume the data is safe, even if not inside SSL?
I read somewhere that forms and the data posted by forms need to be protected, but data stored in $_SESSION does not need SSL, and I just wanted to clarify. Thanks.