Hi Samuka, I can understand your concern. This is in fact very simple, you should use signed requests when making makeRequest calls.
Please refer to the following wiki page to know everything about signed request - http://code.google.com/p/opensocial-resources/wiki/OrkutValidatingSignedRequests Thanks, Rohit Google Developer Programs Meet OpenSocial developers irc://irc.freenode.net/opensocial On Sun, Jun 8, 2008 at 2:39 AM, Samuka <[EMAIL PROTECTED]> wrote: > > Hi guys! > > I'm a new developer of opensocial :D I want to use a back end database > (mysql with php), and pass some information to it, using > gadgets.io.makeRequest() method; > > So, here it is, i can send info to a file called, for exemple > savedata.php using this method, just like this: > > var data = { > data1 : "Here i am", > data2 : "Lorem ipsum, dolor sit?" > }; > > var params = {}; > params[gadgets.io.RequestParameters.METHOD] = > gadgets.io.MethodType.POST; > params[gadgets.io.RequestParameters.POST_DATA] = > gadgets.io.encodeValues(data); > gadgets.io.makeRequest(url, retorn, params); > > however, i don't want anyone to be able to send a urlencoded form to > my savedata.php and change all my database stuff... So, i need to make > a server-side verificantion at savedata.php in order to be sure that > the arriving data came from my orkut application. How can I do that? > > Thank you very much > Samuka > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OpenSocial Application Development" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/opensocial-api?hl=en -~----------~----~----~----~------~----~------~--~---
