How to stop someone running my php scripts from their server
Posted: Thu Jan 08, 2004 5:07 pm
I am new to php and still a little wet behind the ears so please be gentle with me!
I have developed a large mySQL database which I've made accesible to the public for browsing purposes.
I am concerned that someone might just rip off my whole database though and publish it elsewhere.
I've been told that someone could 'post' sequential variables to my form (perhaps using a php counter?) and then 'harvest' the subsequent output for repackaging into a database of their own.
Is this true or would they manually need to 'post'?
I have used if ($REQUEST_METHOD != "POST") on the form processing page to stop input directly from a url.
How could I prevent other folks from easily ripping of my database?
I have tried using a $HTTP_REFERER trap (ensuring that only queries from my domain name can get through) but I've discovered that this blocks quite a number of 'innocent' people from viewing the database for some reason.
Any ides please?
Many thanks.
Ry.
I have developed a large mySQL database which I've made accesible to the public for browsing purposes.
I am concerned that someone might just rip off my whole database though and publish it elsewhere.
I've been told that someone could 'post' sequential variables to my form (perhaps using a php counter?) and then 'harvest' the subsequent output for repackaging into a database of their own.
Is this true or would they manually need to 'post'?
I have used if ($REQUEST_METHOD != "POST") on the form processing page to stop input directly from a url.
How could I prevent other folks from easily ripping of my database?
I have tried using a $HTTP_REFERER trap (ensuring that only queries from my domain name can get through) but I've discovered that this blocks quite a number of 'innocent' people from viewing the database for some reason.
Any ides please?
Many thanks.
Ry.