... this is bad, I won't be able to deploy to production until I fix this.<br><br>I've configured mod_ssl with my apache to require my drupal site to run in SSL.<br><br>And then I changed my login form to post back in https all the time<br>
$form = array(<br> '#action' => preg_replace('/^http:/', 'https:', url($_GET['q'], drupal_get_destination(), null, true)),<br> );<br><br>So my logins are encrypted.<br><br>So I'm on the site and https is encrypting the GETs, but then I change a form, say my profile page, then I post anything back to the server and my browser says I am sending text in the clear, non-encrypted.<br>
<br>Does this mean I need to rewrite the form posts for every form post page ?<br>
<br>Has anyone seen this, please assist a fellow Drupal user,<br><br>