I am using a php server for comunicate with b4a
On client side i can send a parameter or any secure statement with parameters to php and thats return a response
But if some body decompile my app or sniff my post request then they can know the structure of a valid post request
now they can send a request without any limits frequently from any app or any simple html forms
So i decide to use a key on client and server side
Now if any requests sent to server then on php side i regenerate my key with a special algorithm and if both of them be equal then php return a valid response
Now for doing this on secure way,i use an string on process_global fore store my key
And when i want send a request ,i encrypt that by using md5 and combine my request with other statement and at last send it and on server side i split that string and chek my key,etc......
Now my problem just is store my key on client side however i know thats not any 100 % secure way to store a string except obfuscation
And by using any encryption lib the result is same because we should store our password key for decrypt that again.
And For more explain about this thread
https://www.b4x.com/android/forum/t...crypted-file-in-code.20976/page-2#post-328792
is relevant
@KMatle @Erel thank u both and excuse me 4 my english