Quote:
The app just calls a script that populates a table on my app. Users are asked to put in their email at some point when they make an entry on the table.
The main problem is that someone clever could figure out the script being called and recall all the email addresses stored on the server.
|
It wouldn't even take somebody clever.
This isn't an "iPhone" problem, and you're on the wrong forum. You need to learn PHP 101, and go to a PHP forum.
But, then again, it isn't even a PHP problem. It's a basic web services security issue, that transcends any given language or platform. You need to learn about HTTP authentication and SSL. (There are other approaches, but it would take a good understanding of computer security.) You don't need code snippets. You first need to understand some of the basics of computer security, authentication and encryption. And before you even look into that, you need to get a basic understanding of the societal and legal issues. You at least seem to have an inkling about that, as you do seem troubled by your current approach.
Your security is no security, and asking people to store their email addresses in such an insecure manner is just plain irresponsible. I hope your app has not yet been released.
I'll give one more bit of advice - you've mis-stated your problem. It is NOT "preventing somebody from accessing the data from a web browser". It's "preventing unauthorized access to the data". I hope that's helpful, because before you can solve the problem, first you need to understand just what the problem is.
Perhaps you should channel your efforts initially into an app that has less potential for damage. Sorry for ripping you a new one for being a newbie - but there are some thing that newbies probably shouldn't be dabbling in just yet.
