Thanks William, I don't know much on this but this is what I believe: Setting up a user log in system, and each user has a authorization token number? Would this ultimately stop scripts from being sent from places other than my site?
Could I hide everyone's authorization token number so even a registered user could not type it into a URL bar from somewhere other than my site? Ultimately requiring the use my site's PHP script and none others? On Sep 29, 3:42 pm, William <[EMAIL PROTECTED]> wrote: > I think you need to implement some kind of token system to ensure > database search requests only originate from your site. > For example seehttp://phpsec.org/projects/guide/2.html > > It should NOT be possible to get XML for your database simply by > looking at your form, and then typing a URL > likehttp://www.example.com/database.php?name=mississippi > > The form should ensure that some authorisation token is sent, either > by PHP session or maybe something > likehttp://www.example.com/database.php?name=mississippi?token=AKD9SKD38A... --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Maps API" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/Google-Maps-API?hl=en -~----------~----~----~----~------~----~------~--~---
