StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
600324
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
0
CommunityOwnedDate
CreationDate
2009-03-01T19:16:50.077
FavoriteCount
0
LastActivityDate
2009-03-01T19:16:50.077
LastEditDate
LastEditorUserId
0
OwnerUserId
55911
ParentId
582684
PostTypeId
2
Score
0
ViewCount
0
LastEditorDisplayName
text
Body
First, I agree with other answers -- client is absolutely your enemy, and should never be trusted. To also expand on some comments you placed -- even if "EnoughFunds" returns some sort of encrypted token, whats the assure that it wasn't still called by the hacker with amount of 10, and subsequent transfer was activated with amount of 10000000. The approach must be to place atomic business logic together, such as "EnoughFunds and Transfer". I would recommend adding a sequence also, to every server call, so that older server calls can never be re-executed, since they are now out of sequence. Server should return "next sequence token" as some sort of "encrypted" number. This can be as easy just generate random number and return as part of response, while also placing it in server session and reconfirming it on any subsequent call from that client. Again, this trick is not a security measure as much as simply trying to help avoid too easy of a "fiddlering" situation. This can be combined with obfuscating your API. If you call web-services by their name (for ex: EnoughFunds service will be called just that), it is becoming that much easier to reverse engineer. Instead, do something as simple as enumerate services, and go through central controller - activateTask=12?param1=200 . This is still pretty easy to reverse engineer, though... So better if you can invest in encrypting each request altogether, to look like : SFASDFsdq1231sd4DFGTRsdf2rDF And of course any such good request encryption, should be in-part based on the session-id (aka: login authentication token, usually)
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POSecurity in Flex – is it possible to manipulate downloaded code and execute web service
 singulars
 PostTypePostTypeId
 PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. This table or related slice is empty.
UserOwnerUserId
1. USadir1
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. This table or related slice is empty.
CommentsPostId
1. This table or related slice is empty.

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.