|
|
Posted by Dag Sunde on 11/14/06 18:34
James54321 wrote:
> Dag Sunde wrote:
>
>> James54321 wrote:
>>> Um, wouldnt doing it like that give a major vulnerability so users
>>> can cheat by going to
>>> http://mysite.com/highscores.php?score=23&name=me or is that not
>>> how you meant :S.
>>>
>>
>> That can be avoided by letting the VB-App log in to the web-app
>> first, using the same principle and with a buildt-in MD5 or SHA1
>> encrypted password first. Let the login return a sessionID, and then
>> use that id as a parameter in all subsequent calls.
>>
>> --
>> Dag.
>
> Won't doing that mean that I have to use the browser in VB or IE or
> something like that meaning that the user will see whats going on?
Nope...
:-)
Add "Microsoft XML, v3.0" (or higher) to references in a vb project.
Put a textbox and a command buttom on the form,
and set the textbox multiline property to true
and make it about an inch high.
Paste this code:
Option Explicit
Private xmlHttp As MSXML2.xmlHttp
Private Sub Command1_Click()
Set xmlHttp = New MSXML2.xmlHttp
xmlHttp.Open "POST", "http://dagsunde.com/pages/Reverse.asp", False
xmlHttp.SetRequestHeader "Content-Type",
"application/x-www-form-urlencoded"
xmlHttp.Send "testString=" & Text1.Text
If xmlHttp.readyState = 4 Then
If xmlHttp.Status = "200" Then
Text1.Text = xmlHttp.responseXML.xml
Else
MsgBox "Something went wrong...", vbCritical, "ResponseXML
error"
End If
End If
End Sub
And run...
(My server will respond, and if you don't use a http-sniffer
or some other tool, you will not see whats going over the line).
--
Dag.
Navigation:
[Reply to this message]
|