helloo :)

imagine I have an htm page on which a client can make an order. The actionscript is php, which saves all data in a DB.
Can I secure the ordering page so an evil visitor can't make bad orders externally?

cheers

You'll need to use your PHP to validate the form and make sure all the details have been properly filled in and you'll need SSL or TLS to encrypt the data. You've already got yer PHP so I'm sure you'll be fine with that end of the form. Depending on your server, the SSL (for making https:// URI's) can come in different ways. I run a Linux server so I use OpenSSL (http://www.openssl.org). I can't remember if you can use it on a windows box or not, not sure. I think it works on Mac boxes though. Once you have that, you'll need to generate a private key so you can create a certificate signing request. This is where you get a Certificate Authority (like verisign for example) to give you a certificate, put their stamp of approval on it, and charge you astonishingly extortionate amounts of money for the pleasure. Once you have your certificate, you just tell your web server where your certificate is and enable ssl on the server.

If you rent your server from a hosting company though, they will sort everything for you. Just ask them what their deal is with SSL and what they can do for you. ;)