I have written a code using Google Friend Connect, that:
1. If someon want to reg an account, they loggin with GFC
2. get
Person.Field.ID and check if it existed in database or not (by
ajax - php)
3a. IF TRUE Creat an session.
3b. IF NOT insert this ID (with Nam and some thing else) to Database.
4. do something in server-side
But the issue is.....they can easyly fake and insert this ID to my
Database.
Maybe they can use cURLs (in PHP) or some method in the orther
languages and send some thing to my database, after that, when i get
some info with this ID, maybe that is the ino of someone else!
So is this dangerous!? How can I avoid this!? (Please no REST API I
just like JS API)