So i have this code...works well! and a user can't go in and look at the data directly, however I test using Fiddler, you can see the Data :(
Anyway possible to block this? Preferably not using .htaccess to restrict XML from server.
CODE:
<?php
/**
* Protecting xML
*
*/
include("uye/user.php");
$diger_eleman = $_SERVER['HTTP_USER_AGENT'];
$kullanici_adi = $_GET["username"];
$parola = $_GET["pass"];
$sorgula = mysql_query("SELECT * FROM uyeler WHERE kullanici_adi='{$kullanici_adi}' and parola='{$parola}'") or die (mysql_error());
$uye_varmi = mysql_num_rows($sorgula);
if( strstr($diger_eleman, 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:19.0) Gecko/20100101 Firefox/19.0') AND $uye_varmi > 0) {
readfile ("Location: http://www.Sample.com/Samplemain.XML");
exit;
}
else
{
echo str_repeat("<br>", 8)."<center><img src=uye/images/hata.gif border=0 /> Do you need anything ? Contact Us!</center>";
}
mysql_close();
?>
Program where i load the XML file is Python coded, hope that helps and anyone has any suggestions. Thank you.