Well I just had a brain storm this morning and for some reason came up with something really interesting which I don’t believe I’ve seen discussed anywhere. Likewise, for us making secure sites with flash, it’s vital.
Many people are starting to create lock systems in flash which prevent a viewer from entering without the proper code. Now in order to accomplish this, one would need to use the code in their html, which would illiminate the menu when a visitor “right-clicked” on the swf, because there is a play option on the menu which will cause the movie to play regardless of the stop command which is holding up the swf.
I don’t think that people are thinking about this. If I were to visit the site, and do a “view source” on the html doc, I would have the literal address of the swf file. With that in hand, I can pull up the swf in it’s own window, which would not have the special code in it preventing the menu right-click.
I’ve already tried this on a couple of flash security locks and I’ve gotten through.
The cure for this is actually simple.
In your flash, place an extra frame after the one with the lock.
The lock should be set, so that when the user enters the proper combination it moves the play head two frames ahead instead of one.
In the extra frame you’ve added, place a/s which tells the play head to go back to the beginning.
If this doesn’t make too much sense, just say so and I’ll try to explain it better.
Yeah I was kind of surprised that I even thought about it. I knew some of your users would benefit. Security is always one of those questions which comes up.
I never thought of that either, although I must say that I wouldn’t advocate using Flash as a form of security anyway - you’re much better off with a php/mysql solution.
Still, for those who want to use it - it makes it that little bit more safe.
Hey BishopB,
I agree that other technologies are more safer, but Flash is the only file format with mass popularity that cannot have its source viewed into. An SWF file has no intelligble (is that a word?) content for any hacker or such.
While ActionScript viewer can easily see the actions you have in a movie, you can add a arcane line of code that prevents a program from sniffing a SWF file. upuaut8’s answer might be solution to issues many people had with Flash and security.
hey bishop b… on that link in ur reply… u had one link open AND close your menu… how did you do that? its like the button most flash pages has to turn sound off and on… i need to know the code for that AND if you can me it repeat ONLY ONCE. meaning… turn volume on, then off, and if u want it off past that point ur screwed =] this is actually for a menu button of mine i am working on.
Create a movie clip, with two keyframes. Put stop(); actions on each.
In the first frame, create a new button and put the following script on it :
on (release) {
//insert button actions here
gotoAndStop(2);
}
Then in the second frame of the clip, put another button, with the following script :
on (release) {
//insert button actions here
gotoAndStop(1);
}
When you put this clip on the timeline it’ll wait for you to click the button, then advance to the second button, wait for you to click, then return to the first.
kewl… but can u get it to cycle only once? liek the first one opens a movie… then every click after that goes to a certain action… liek u click the forum button to open the menu… and then u click it agian to go to teh forum… then u click it agian and u go to the forum… not open the menu again. =]
Creating engaging and entertaining content for designers and developers since 1998.
