Recently I found that my Web page containing a Flex 4 .swf file that pulls data from a MySQL database using "Flex Apps Store" Adobe Flex Connector for MYSQL and php database connect methods was being blocked by several local servers using "Intrusion Prevention" protection.Basically the page and Flex content were displayed in a user's browser but not the data from the database. The IT manager on one site explained that their security software was preventing "SQL injection attacks" that it thought our data transfer method may invite.The "Flex Apps Store" product works well and essentially passes the sql queries to the database using php. Unfortunately the security problem encountered means I have to find another method of data transfer.Has anyone else had this problem?Any ideas for a solution?
your method of data transfer is fine - you just need to make the php code more secure. google "SQL injection attack" for info on how to stop this hacker technique.
Hi Lee, Thanks for the reply.
However I have 2 more major Health Industry facilities who's security is preventing staff seeing my Flex application so I'm going to try a flex AMF - Zend solution for data transfer. That way the server security software isn't going to complain about SQL queries originating from inside a Web application.
Thanks again for the quick response.
good point! i forgot about AMF