How to structure web application with part of it being secured (SSL)

Question

What is the common pattern to structure web application where part of it has to be secured. So lets say I have page_a and page_b which do not need to be secured, although should display login information (login fields or login details once user logged in). This web app. also would have secured pages (admin, checkout or similar) secure_page_c and secure_page_d.

My questions are:

1. What is the common folder structure for such assuming I code in php with no frameworks?

2. Also how shall I deal with session variables in case user navigates lets say from secure_page_b to non secure page_a or vice versa?

3. What else might be a problem and should be considered when coding that kind of app in php?

Thank you all for any suggestions

EDIT: by secure I mean SSL, sorry should have clarified that :)

Answer 1

By Secure, I assume you mean https.

one way of enforcing this is through the modification of your web server's config file. (preferably using an include). You can set up different permissions for each directory in your web server, so for example only alow the admin directory and sub directories to be viewed through ssl. (https)

Answer 2

Why go through the hassle of having some parts secure and some not? Why not just have everything secure? Just redirect all http:// calls to https:// :)

I personally think the world would be a better place if all net traffic was encrypted :P