However, even if you accessed the website via HTTPS from start it doesn’t guarantee you full protection.
1) you visit https://secure.example.com/ which drops a cookie on your browser
2) you then visit http://www.google.com/ however a MITM inserts
<div style='visibility:hidden'> <iframe src='http://secure.example.com/'></iframe> <div>
3) MITM sniffs your cookie from the request on the iframe
And then there’s also the possibility of session fixation – where even if the cookie dropped by https://secure.example.com/ has the secure flag set, that’s no use if it sends back a session id it received in a non-secure cookie (again set via MITM).
But things became more obscure when we think about consecutive requests. Just because the main page is using plain http doesn’t mean that the data sent to the server isn’t using SSL (and vice versa). Check out the Google’s Search page source and look at the URL the search button sends the form data to.
In conclusion I can say the following: use HTTPS from start for the most important resources for you and do not access them (even via HTTPS) from untrusted networks, such as public WiFi – there is still a possibility to be hacked.