I want to collect form data from another server but I don't want that anyone else to be able to post data to my data collection script. Data would be sent in the form of "URL.com/getdata.php?data1=xxx&data2=xxx&data3=xxx&data4=xxx&data5=xxx" how can I secure this?
change ur $_GET['something'] to a $_POST['something'] variable, maybe we can see what u really need, can u post script?
add session checking "URL.com/getdata.php?data1=xxx&data2=xxx&data3=xxx&data4=xxx&data5=xxx&session=233dasd32e3"
The script is mine but the get data is being sent by an advertising company. I cannot change that. My script can accept data at this moment but I am only worried that someone may hack the script to know the data fields and fill it with false data. I just want to validate that when the data comes from advertising company's IP only then the data is processed else nothing is saved. Somebody suggested to me to set referrer variable but he did not explain more so I don't know how to use it.
lol ..even post is not safe as their are many browser plugin which allows u to play with post data in runtime even referral checking is not enought as it can changed... so may be u should come up with other security system in combination of 2-3 techniques.... base url checking can be one way as well...