links..
Yes, so any links on the page are already https, but the PCI scan specifically calls out the "authentication" process and how it passes values. So, are you saying that all I need to do is modify this line: $SuccessRedirect = "blah.php"; to be $SuccessRedirect = "https://www.domain.com/blah.php"; instead?