> if anyone use decompilers/http request.. will see .../script.php? > foo1=1&foo2=2 but i have a little surprise in php:
If you use a recording HTTP proxy or packet sniffer, you will see (and can modify) the entire HTTP request, not just the first line. > 2. extra check in php - make sure script is called from swf > and not from browser. you can add some ip ban script for > those who try. > <?php > if (!isset($_REQUEST["speed"]) || > !isset($_REQUEST["stuffurl"])) die(); . If I record the entire HTTP request, there is no server-side check you can make to guarantee anything my client says. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! _______________________________________________ Flashcoders mailing list Flashcoders@chattyfig.figleaf.com http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
