[SOLVED] Making this secure, is it even possible?

[Michdd]

I'm creating a system that will be given out to other people, one feature of this will be able to periodically send information to a website about their board, this would put them on a list of active boards with their stats. The way I plan to send the information is through HTTP requests, like ?boardid=325&stats=etc..&whatever=whatever. Although that would be insecure, because to gain false stats anyone could just visit that URL and put whatever they wanted. I thought about encrypted the information then sending it over and decrypting it on my end, but I doubt that would be very successful either because then they'd have the encryptor, and could just hijack my function(s) to encrypt false info as well. Anyone have any ideas?

[.josh]

use cURL to send it via post.  Make the forum owner give you (and update if necessary) the server IP address. Check the IP address making the request.  Also, assign a key to the forum owner.  Have the cURL script send that as well, and check to make sure it matches what you have on file.

[Michdd]

Technically the owner can still write their own script using cURL to send false information though, right?

[.josh]

Technically, yes. But you'd at least have it narrowed down to just him (or people with direct server access), rather than some random Joe.  But at that point, they could just flub the numbers in the DB anyways, and there's nothing you can do about that. 

[Michdd]

Alright thanks.