I'm developing an application composed of two elements: a simple PHP server interacting with a SQL DB and a client which on certain events will send information to the server to log.
I would like a way to somehow verify (on the server's side) that the incoming query is indeed coming from my client, because there is a possibilty that someone will decompile the client file and see how I connect and send commands to the server, and that would let them inject false data.
I have no idea how to do such a mechanism though simply because anything I implement in the client could (theoretically) be viewed after decompilation process. Or maybe obfuscation is a solution in this case?