First of all - my English is bad so I hope you'll understand my problem :)
I'm new to the concept of developing web application with flex and I need your advice on how to keep it secure and what will be the best way to do it.
I'm using red5 recorder (http://www.red5-recorder.com/) To enable users to record a short video about themselves. My application will save a single video, and only for registered users - The user can overwrite previews recorded video (If that exists).
My issue - I will pass a variable to the swf object in the html (generated with php), with encrypt value of the current logged-in user ID (stored in the session). The application use the ID to create the video file and associate it with the current user (video_10.flv, video_193.flv, ...). It is a simple and basic validation but I don't know what are the possible risks. Are there any other ways to implement and verify the current logged-in user with flex like Ajax request to the server?
EDIT - problem solved. Thank you
I have found an answer to my problem with this code:
private function completeHandler(evt:Event):void {
var username:String = evt.target.data.username;
var email:String = evt.target.data.email;
trace ('username is ' + username);
trace ('email is ' + email);
}
var request:URLRequest = new URLRequest();
var data:URLVariables = new URLVariables();
var loader:URLLoader = new URLLoader();
request.url = "http://example.com/page.php";
request.method = URLRequestMethod.POST;
data.ACTION = "VIDEO"
request.data = data;
loader.dataFormat = URLLoaderDataFormat.VARIABLES;
loader.addEventListener(Event.COMPLETE, completeHandler);
loader.load(request);