Security Issue

flash2070
Posts: 16
Joined: 28 Sep 2010, 19:42

Security Issue

Post by flash2070 »

Hello,
I have an extension which handles the database communication.
For example:
_sfsClient.sendXtMessage("databasePlugin", "insertData", dataObject...

The command above will execute the database plugin, which will insert the sent data into the database.

The problem is:
Every beginner hacker can reverse the code of the SWF and execute this command as he wishes (and as many times as he wishes).

So, my question is whether SFS supplies some kind of security for this issue.
How do I handle this situation?

Thanks in advance :wink:
BigFIsh
Posts: 1698
Joined: 25 Feb 2008, 19:26
Location: New Zealand

Post by BigFIsh »

This is the golden rule: always do the database operations server-side, via prepared statements.

Also use _server.escapeQuotes to prevent database injection.

This assumes you have SFS Pro. If not, you may want to have a look at using .php instead.
Smartfox's forum is my daily newspaper.
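
An added example, not part of the original posts and not SmartFoxServer API code: a server-side handler for an `insertData`-style command that treats the client payload as untrusted, throttles repeated calls and writes through a parameterized statement. Python and SQLite stand in for the extension language and database; the class, table, field names and limits are assumptions.

```python
import sqlite3
import time

MAX_INSERTS = 3          # assumed limit: accepted inserts per user per window
WINDOW_SECONDS = 60.0
MAX_NOTE_LEN = 80        # assumed field limit


class InsertDataHandler:
    """Server-side handler for a hypothetical "insertData" extension command."""

    def __init__(self, db):
        self.db = db
        self.db.execute(
            "CREATE TABLE IF NOT EXISTS scores "
            "(username TEXT, score INTEGER, note TEXT, created REAL)"
        )
        self._accepted = {}  # username -> timestamps of accepted inserts

    def handle(self, session_user, payload, now=None):
        """Return "ok" or a rejection reason for one client request."""
        now = time.time() if now is None else now
        if not isinstance(payload, dict):
            return "rejected: bad payload"
        score, note = payload.get("score"), payload.get("note", "")
        # Validate type and range; type() also rejects bool, a subclass of int.
        if type(score) is not int or not 0 <= score <= 1_000_000:
            return "rejected: bad score"
        if not isinstance(note, str) or len(note) > MAX_NOTE_LEN:
            return "rejected: bad note"
        # Throttle per authenticated user, since a client can replay the call.
        recent = [t for t in self._accepted.get(session_user, [])
                  if now - t < WINDOW_SECONDS]
        if len(recent) >= MAX_INSERTS:
            return "rejected: rate limit"
        # Placeholders keep client text as data. The username comes from the
        # server-side session, so a "username" key in the payload is ignored.
        self.db.execute(
            "INSERT INTO scores (username, score, note, created) "
            "VALUES (?, ?, ?, ?)",
            (session_user, score, note, now),
        )
        self.db.commit()
        self._accepted[session_user] = recent + [now]
        return "ok"


def new_handler():
    """Handler backed by an in-memory SQLite database (for the example)."""
    return InsertDataHandler(sqlite3.connect(":memory:"))
```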