Flash CS3 GuestBook

[Flep]

A new free utility !

It's a Flash CS3 and Actionscript 3.0 GuestBook.
Supported by PHP e mySQL , it creates a DataBase or a new Table into existing DataBase. Easy installation.

Cutomizable design, just open the FLA and let's run your fantasy.

Developers:
Flep - Flash CS3* & Actionscript 3.0
Tem Advertising Torino Web Design - T Concept Studio - PHP, XML and MySQL
Mariano Martucci - PHP supervisor.

Flash CS3 GuestBook

Actionscript 3.0, XML, PHP and mySQL based

Description

Flash CS3 and Actionscript 3.0 GuestBook supported by PHP and mySQL.

Reads from an XML file.

Easy installation.

Minimum requirements

Installation

- create a new folder on your domain and call it ' guestbook ' or as you wish.

- open setup.php ( it's into includes folder ) and change the database parameters.

- upload into guestbook folder:

AC_RunActiveContent.js

add_guest.php

includes folder

xml folder and CHMOD 777

install.php

guestbook.htm

- hit your browser to install.php

- follow the instructions

- delete install.php

- open LoadingXML.as and change the URL to xml file at line 26

- open SendTheMessage.as and change the URL to add_guest.php at line 25

open main.fla and launch the SWF. If the url's to xml file and add_guest.php are corrects main.swf will run properly

upload into guestbook folder:

main.swf

IMPORTANT:

install.php will create a new database.

If the database allready exists, it creates a new table.

Source files:

[cyberluk]

What about security? What if I'll send some data to the script add_guest.php via browser or via other PHP script? What about spambot protection? What if the guestbook would be only for registered users? I think of a SECURE communication between Flash and PHP script....like if you want to sent your game score to your web server and prevent smart players from sending the score right away :-) like I've seen in some commercial flash games (advertisment).

[Flep]

This is an open-source guest-book.
You can change it as you prefer, above all you can add security checks at PHP scripts.

[cyberluk]

Yes, but from the developer point of view...what checks? I could think only of cookies passed from server with some encrypted data.

PS: I don't care if it's open-source or not...I can easily sniff the URL of the script and start sending some data in loop, that's a security hole.

[Flep]

That's up to you.

[cyberluk]

Uh...it's up to me? Like you don't want to help or you don't how it could be done? I'm not asking for tutorial or implementation. I'm asking what method do you think is the most secure, I could think only of some server cookies verification. Thanks

[cyberluk]

You can read about simillar problems here: Security Flash >> Php - Sephiroth's forums

[cyberluk]

I think the best way is to use ExternalInterface in Flash9 and call some JavaScript function, which is tied to browser's cookies, and then make an XMLHTTPRequest to the server.

[cyberluk]

If you are interested in securying connection between PHP and Flash (or anything else), this presentation might help: http://brainbulb.com/talks/php-security.swf

[gwulfwud]

thanks for the link cyberluk. really helped!

oh btw, do you think i will need to implement this on an online mp3 player,coz i don't want people downloading those mp3 files from the servers.