Well, downloading your entire database? Is your password public? On 6/29/06, J Siegel <[EMAIL PROTECTED]> wrote: > > $_SERVER['HTTP_REFERER'] > > I messed around with this today. Yeah, it does work for an html/php > reference. I'm calling my php code through Flash though and the > referer is always blank. Drats. > > I also found how the referer can be easily defeated. It's an OK way > to protect php access from 85% of curious users but it isn't a full > solution. > > Certainly this is something that is needed. I can't be the only one > with a database accessed through php who doesn't want anyone to just > make their own accesses to it. Without some type of protection, > anyone could write a simple script to download my entire database.
------------------------ Yahoo! Groups Sponsor --------------------~--> Check out the new improvements in Yahoo! Groups email. http://us.click.yahoo.com/6pRQfA/fOaOAA/yQLSAA/CefplB/TM --------------------------------------------------------------------~-> The php_mysql group is dedicated to learn more about the PHP/MySQL web database possibilities through group learning. Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/php_mysql/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
