Understand, i thinking create session in PHP and when flex comunicate to php send the session to check if this session really exist em PHP but i thinking those ways are little strange, i think this problem should be handle in amfphp and not in my code...
In amfphp 1.2 we had way to create password for access methods, it's not possible to make in 1.9? --- In [email protected], Adnan Doric <[EMAIL PROTECTED]> wrote: > > danielvlopes wrote: > > Hello, i'm using amfphp 1.9 beta2 to make comunication between php and > > flex, but i had some question about security when use amfphp... > > > > If someone discover the name of my methods in my classes inside > > services amfphp folder and point your flex app to my gateway using > > absolut path the invader can use my methods. > > > > Exist some way to use password to use gateway or don't accept absolute > > paths or better way to fix this problem??? > > > > Thanks. > > > > > > > Hello, > > You can use MD5 or SHA1 from corelib for example to generate a unique > key to be recognized on PHP side. You should use PHP sessions too so you > can store session id in database and pass session id to flex using > flashvars (just an example). > > cheers, > Adnan >
