yes and no
solution comes in 2 parts:
1. use loadvariables
loadVariables(.../script.php?foo1=1&foo2=2, this, "POST")
this is something: when u use loadvariables... flash will send all
_root variables too... so php will recive foo1, foo2 and all variables
that reside in _root ... with loadvariables.
i know this is kinda bad but works... make sure u have enough
variables in root... most of us have more than enough :)
if anyone use decompilers/http request.. will see .../script.php?
foo1=1&foo2=2 but i have a little surprise in php:
2. extra check in php - make sure script is called from swf and not
from browser. you can add some ip ban script for those who try.
<?php
if (!isset($_REQUEST["speed"]) || !isset($_REQUEST["stuffurl"])) die();
.
.
.
enjoy
On Jun 18, 2008, at 7:25 PM, Ricky Bacon wrote:
[EMAIL PROTECTED] wrote:
this might help you:
http://cosmincimpoi.blogspot.com/2007/09/loadvariables-security-by-built-in.html#links
Security through obscurity is not a very good idea. You also still
have the problem of someone decompiling the swf and modifying it to
their needs.
-Ricky
_______________________________________________
Flashcoders mailing list
Flashcoders@chattyfig.figleaf.com
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
_______________________________________________
Flashcoders mailing list
Flashcoders@chattyfig.figleaf.com
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
