There is more than one solution to this. What I use to verify the user's information is this: Create a sha1 key in PHP from the info you want to check ( username, userid) and put the hour + day in it too, so the key will be different each hour. Then send that key along with the connection command to the ape server
There you do exactly the same, create the sha1 key ( from ape's library) with the same info and compare that with the key you send through. Same = valid user, not same means trouble. :) The other way is through doing a http post request and let the validation go through a different PHP file. The first method is working perfect for me for months for thousands of users a day. Good luck! Peter <[email protected]>schreef: >Hi, > >I'm looking to make a shoutbox that uses a user's login details on my >website as their username. The APE shoutbox demo works well, but if a user >edits the javascript they can choose any name they want rather than their >current login name as per my website. > >Is there a way to secure the shoutbox so that their username was fixed from >the server-side rather than editable by the browser? > >Thanks in advance > >-- >You received this message because you are subscribed to the Google >Groups "APE Project" group. >To post to this group, send email to [email protected] >To unsubscribe from this group, send email to >[email protected] >For more options, visit this group at >http://groups.google.com/group/ape-project?hl=en >--- >APE Project (Ajax Push Engine) >Official website : http://www.ape-project.org/ >Git Hub : http://github.com/APE-Project/ -- You received this message because you are subscribed to the Google Groups "APE Project" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/ape-project?hl=en --- APE Project (Ajax Push Engine) Official website : http://www.ape-project.org/ Git Hub : http://github.com/APE-Project/
