Hiding strings/keys & receiving encrypted data
Posted on 2007-10-14
Using Delphi 7..
Scenario: I have a delphi app which calls a php script.. this php script then connects to a MySQL db, authenticates their user/pass (passed as variables), and returns a list of names and URLs (direct link to their portfolios pdf) from the db. The list of names is displayed to the user (not the links). When a user double clicks on a name, their portfolio is downloaded and displayed.
Problem: I want to make sure no one can find out the direct link to the pdfs. Also, I'd like to protect the application from being cracked and given different strings.
I think what I need to find out is how to hide strings in my delphi code. I can store the links encrypted on the db, but I don't know how to hide the key from prying eyes in my delphi code. Also, how can I protect it from a cracker trying to feed his own urls into it? i.e. i want to prevent the app from being modified and used with a db other than mine, or even opening pdfs stored locally.
Any suggestions? Or better methods (but still as cheap) ?