Thanks for your help guys.
Oleg: I didnt really understand what you meant. The server cant know about your highscroe locally? IE: you score 13 points. You need to tell the server that you got 13 points. How could the server know otherwise that you got 13 points? Valdhor: I think this is something we approached first. When the HTML page is generated, a hash is created which must be passed along with the username for anything to happen. Its just for my brain, whats to stop me using charles to see the hash, then calling "highscore(userID, hash, 39894809489048840984)". Its for this reason i dont understand hashs, they help but not really. https was also another option but i think that this application uses different networks Game.swf comes from game.com UserInfo comes from network1.com, network2.com I believe this makes HTTPS impossible? Anyways thanks again. Cheers, Clark. On 11 August 2010 14:35, valdhor <valdhorli...@embarqmail.com> wrote: > > > You could always use a secure connection via https. Also, you could send an > encrypted username and password. For example, every thirty minutes generate > a new password string. The server can use the same algorithm to generate a > string and then you could compare them. > > > --- In flexcoders@yahoogroups.com <flexcoders%40yahoogroups.com>, Clark > Stevenson <a.scots...@...> wrote: > > > > Hi all. > > > > I am new to AMFPHP. Lets say you have a class and a function: > > > > SomeClass.saveHighScore(304958); > > > > For me, the way i see it, is that anyone using Charles can call this > > method? Whats to stop anyone from calling it directly? > > > > SomeClass.saveHighScore(20394948548438484). > > > > > > Can any one advise me on ways i could secure this method? > > > > Thanks. > > > > Clark. > > > > >
