visitor (0 QPoints)
  • FR
  • EN
  • NL
  • DE
  • ES
315 experts, 1193 registered users, 1659 questions already answered
European Experts Exchange, the very best site for high-quality IT solutions

New Improved Search!

 


05/10/2011 1h30 : Steve Jobs is dead, the father of Apple ][ is gone, we are all orphaned.

Languages :: PHP :: security issue. probably easy question.
By: robi U.S.A.  Date: 25/02/2003 00:00:00  English  Points: 100 Status: Answered
Quality : Excellent


i have developed some flash interactive game, which comunicates with php script and sends some parameters to php script (like username, results etc). This i think isnt secure enough, so i would like to raize its security by getting URL from file that sends commands to php script. If i can determine somehow where is located flash movie that sends parameters and asks answer i can easy reject any response if i get request from some other location.

Anyone knows how can i get this info?

thanks in advance.


P.S.DO you think these thoughts are in right direction? Any other idea for improving this kind of security?
By: VGR Date: 25/02/2003 17:17:00 English  Type : Answer
technically, the "URL from file that sends commands to php script" is what HTTP calls HTTP_REFERER, and there is a server variable of that name alongside with REMOTE_ADDR and such

regards,
By: TheFalklands Date: 26/02/2003 20:20:00 English  Type : Comment
I think post method is secure enough you can enhance the security as VGR says by getting the HTTP_REFERER as you know what the url of the flash file so you can check in the called php file and confirm that the referer is correct or not

TFL
By: Oliver_Dornauf Date: 26/02/2003 21:07:00 English  Type : Comment
not every client sends a HTTP_REFERER so you can not use this.

Do register to be able to answer

©2010 These pages are served without commercial sponsorship. (No popup ads, etc...). Bandwidth abuse increases hosting cost forcing sponsorship or shutdown. This server aggressively defends against automated copying for any reason including offline viewing, duplication, etc... Please respect this requirement and DO NOT RIP THIS SITE.
Please DO link to this page! Post to Twitter Post to Plurk Post to Yahoo Buzz Post to Delicious Post to Digg Post to Facebook Post to MySpace Post to Ping.fm Post to Reddit Post to StumbleUpon

EContact
browser fav
page generated in 336.290840 milliseconds

Why Google AdSense ads ?
compteur
 Ranking-Hits PageRank for this page