So, i'm making a game with a few friends. I'm currently trying to save locations of a player via AJAX requests to php. It is currently working. Let me explain what I need help with.
game requests save.php?name=theziggypops&locationx=223&locationy=134.
whatever, something like that.
the problem with this is, ANYONE can just put that in their address bar pretty much and move themselves anywhere they want. Whats the best way of stopping this? Is there a way to only allow the website to run php scripts?
If I didn't make anything clear, let me know.
(I didn't know what board to post this on)