#1
07-03-09, 04:40
garymcgill77
Registered User
Join Date: Jun 2009
Posts: 4
hacker getting on to my stuff

Hi, I am working on an app for Facebook and Bebo.
When I had some testers in, 2 used Firebug and we found out that they can change the prices of things and get them for free.
I have had lots of people tell how it needs sorted but not sure.
Some say I need to make db tables read only, and as they are set up and I am new to this I am not sure how to do this.

Have been told to protect my code and db.

Can anyone help on how to protect this?
Please email me

garymcgill77:msn.com

many thanks gary
#2
07-03-09, 04:56
healdem
Jaded Developer
Join Date: Nov 2004
Location: out on a limb
Posts: 9,246
If they are exploiting weaknesses in your code on Facebook you are probably better off seeking advice from people specialising in Facebook & Bebo applications.

You will almost certainly get good generic advice from here on web security, such as making sure your users can't use SQL injection attacks, but in practice you need to use that within Facebook & Bebo.

First off I'd recommend you plough through the stuff on
securing Facebook apps
__________________
I'd rather be riding my Versys or my Tiger 800 let alone the Norton
#3
07-03-09, 05:04
garymcgill77
Registered User
Join Date: Jun 2009
Posts: 4
How would I set some tables to read only, as I am new to db
and have had a look and can't find how to do this?
#4
07-03-09, 05:11
healdem
Jaded Developer
Join Date: Nov 2004
Location: out on a limb
Posts: 9,246
You can set that through appropriate use of user permissions,
i.e. you GRANT whatever permissions are needed. Look at the MySQL manual for security permissions.

However, the most likely way they can be doing this is through SQL injection attacks; you need to make certain your code doesn't allow SQL injection attacks. That's a coding issue, that's an issue specific to your application, hence why I suggest you investigate Facebook application advice, something that I suspect is thin on the ground here.
__________________
I'd rather be riding my Versys or my Tiger 800 let alone the Norton
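
The permissions approach from post #4, combined with a parameterised query, as an added example that is not part of the original thread or either poster's code. The `shop` database, its two tables, the `fbapp` account, the placeholder password and the sample values are all assumptions made for illustration.

```sql
-- Added example; schema, database and account names are hypothetical.
CREATE DATABASE IF NOT EXISTS shop;
USE shop;

CREATE TABLE items (
  id    INT UNSIGNED PRIMARY KEY,
  name  VARCHAR(64)  NOT NULL,
  price DECIMAL(8,2) NOT NULL
);

CREATE TABLE orders (
  id         INT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
  item_id    INT UNSIGNED    NOT NULL,
  buyer_id   BIGINT UNSIGNED NOT NULL,
  price_paid DECIMAL(8,2)    NOT NULL
);

-- Constructed sample rows.
INSERT INTO items VALUES (1, 'gift', 5.00), (2, 'badge', 12.50);

-- Account the web application connects with. It is given no UPDATE,
-- DELETE, DROP or GRANT OPTION, so a statement run through this
-- account cannot rewrite the price list.
CREATE USER 'fbapp'@'localhost' IDENTIFIED BY 'CHANGE_ME';  -- placeholder password
GRANT SELECT         ON shop.items  TO 'fbapp'@'localhost'; -- prices are read only
GRANT SELECT, INSERT ON shop.orders TO 'fbapp'@'localhost'; -- orders can only be added

-- Check what the account is actually allowed to do.
SHOW GRANTS FOR 'fbapp'@'localhost';

-- Run as fbapp: the request supplies only the buyer and the item id.
-- Both are bound as parameters, never concatenated into the SQL text,
-- and the price is copied from the items table, so a price edited in
-- the browser is never used.
PREPARE place_order FROM
  'INSERT INTO orders (item_id, buyer_id, price_paid)
   SELECT id, ?, price FROM items WHERE id = ?';
SET @buyer = 1001, @item = 2;  -- constructed values standing in for request input
EXECUTE place_order USING @buyer, @item;
DEALLOCATE PREPARE place_order;

-- Run as fbapp, the statement below is refused because the account
-- holds no UPDATE privilege on shop.items:
-- UPDATE items SET price = 0 WHERE id = 2;
```

Schema changes and price updates are then done from a separate administrative account that the web application never uses.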