Logic without the fatal effects.
All code snippets are licensed under WTFPL.
Not being being held responsible for something by higher autorities does not mean your clients will like to know their passwords leaked from your hacked database.
If information is not confidential and the only reason for SSL/TLS is to protect authentication process, you could use OpenID or other hosted authentication service (that you trust of course), or implement SRP.
Where SSL is useful is in protecting the passwords from sniffers. Anytime they use Public WiFi/Hotspots, an unencrypted password could be stolen. If the data on the site isn't that critical, then don't worry too much; if it is important, then you should be using SSL.
SSL is an interesting illusion: many people assume a site is "secure" when it has SSL, when in fact all SSL protects you from is password sniffing. A database of unencrypted passwords could be far more devastating, and is actually a bigger (but invisible) development mistake.
Thanks For Share..