Any simple, but secure script available for Flash > MySQL DB integration? I need something for a Login DB.
Exchanging variables with PHP is nice and easy, but obviously insecure.
via NetConnection? Got some leads: lead-1, lead-2.
Cold Fusion? Anybody has any ideas?
Less likely solutions:
via XML? Anybody has any idea how to use XML to connect to a DB? (AS2 or AS3)
AMF-PHP is not possible for security reasons (script installed on server root)
Java Server ras to be specially installed on server.
Edit: Encryption should make the PHP solution more viable, although offering only basic protection for a high-security Login Database. See also: SO: 1, 2, 3, Adobe: 4.
解决方案
Afaik it is impossible to talk to a MySQL server directly via ActionScript (unless someone has written a package that actually handless the net stuff, but I haven't seen one yet).
May I also point out that your remark about "insecure because of PHP" is not really accurate?
It is even worse when you actually do everything from the applet: It is peanuts these days to decompile an .SWF and then they will even have the login data for your database.
I think, as Ristonj suggested that it is best that you use the URLRequest class.
What I usually do is pass on the current php session ID to the applet so that I can include this and the user IP in the initial applet request. On the server I check if the ip/session are actually active in the session table and match. If so the user gets a sort of command token that allows him to perform requests, which in turn can do your database updates.
If you do all that over an SSL connection, you are pretty safe.
And yes, you have to store PHP scripts on the server, but it is more difficult to get the source for these than just being able to decompile the applet and extract everything :)
I like to keep all program logic that is potentially dangerous on the server only, NOT in the applet.
2296
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
