sql - How to hide / encrypt POST data sent from FLASH to PHP from Tamper Data -

tamper data

there terrible thing called tamper data. receives post'ing data flash php , give ability user change values.

imagine in flash game (written in actionscript 3) score points , time. after match completed score , time variables sending php , inserting database.

but user can easy change values tamper data after match completed. changed values inserted database.

---

my idea seems won't work

i had idea update data in database on every change? mean if player +10 score points need instant write database. how time? need update table in database every milisecond? protection solution @ all? if user can change post data can change everytime last time when game completed.

---

so how avoid 3rd party software tamper data?

tokens. i've read article tokens, there talking how create random string token , compare database, it's not detailed , don't have idea how realise it. idea? if yes, maybe how realise practically?

according me better way send both parameter , value in encrypted format score=12 send c2nvcmu9mti= base64

function encrypt($str) {      $s = strtr(base64_encode(mcrypt_encrypt(mcrypt_rijndael_256, md5(saltkey), serialize($str), mcrypt_mode_cbc, md5(md5(saltkey)))), '+/=', '-_,');  return $s;  }  function decrypt($str) {     $s = unserialize(rtrim(mcrypt_decrypt(mcrypt_rijndael_256, md5(saltkey), base64_decode(strtr($str, '-_,', '+/=')), mcrypt_mode_cbc, md5(md5(saltkey))), "\0"));  return $s; }