Mamerto

Thank you all guys, I really needed some advice and your suggestions have helped a lot. I might have to re-think the whole application. Best regards, Mamer

Thanks Andy, if I understand, what you suggest is checking whether the script is being invoked from a browser or not. However I 'd like to prevent unwanted uses from a browser too. I mean, I'd like the only way to run the php script was from the web app interface (http://mysite.com/webapp.html) and by no means typing directly the request on a browser (http://mysite.com/php/myscript.php?action=1). Do you know any way to make a php script could distinguish between both situation? Regards, Mamer

Thanks Wolfcry, but wouldn't that prevent the access from the web app too? I am not familiar with Apache directives but I thought that restricting the access to directory would apply to the web app... Mamer

Hello all, A simple question: I have a HTML application from which a php script is executed. 'GET' method is used and no form is submitted. I was wondering if there is a way to prevent users from run this php script directly in the browser. Thank you all for your suggestions, Mamer

Hi all, I am dealing with an html page in which a dynamically created PNG image is shown with: <img src="createchart.php"> The problem arises when users try to download the image since the default name that appears is just "createchart.php". Is there any way to make the browser suggest something like "chart.png"? Than you guys for your help, Mam