Hey Guys,
I just have a question about the security of passing information between a Flash application embeded in a webpage and a server side script.
For example, I have a database and a PHP page on my server. A client would access the HTML page containing the Flash app and then be prompted to log in.
They would input their user name and password which gets passed to the PHP page which checks the database for authentication.
What i’m worried about is passing the information to and from the Flash app and the PHP page that does all the Database stuff.
In AS2.0 i was using SendAndLoad with LoadVars objects and I haven’t tried it with AS3.0 yet but I’m wondering what is the best way to tackle a problem like this.
Should they log in on a PHP page and only then if authenticated allow them to open a Flash page? Is the data that’s continually sent back and forth from the database to the flash page then still secure?
Thanks!
