PHP

How to protect php script from external connections?

Hello gentlemen! Immediately on the subject! There is an application for vkontakte using the vk api plugin to get some data (id, name). There is also a database where all this data is loaded from time to time. through ajax request of the C2 engine to a php script on the server, and that one is already working with mysql . User accounts are tied to Vkontakte ID , their data, etc. And here is the problem itself, if someone finds out the path to the script, then by creating a copy of the application and replacing the value of the variables with the id of any user, he will be able to make requests on their behalf (VKontakte id). I need to solve this problem. I thought, can somehow prohibit the work with the script from external sources? The fact is thatthe application itself and the script are located on the same domain/server (the application is in the root directory, and the script is in the folder). I must say right away that I am far from programming, although I strive for this as best I can, but now there is a need to create such queries and work with php . Help, who knows! Thank you for your attention and thanks in advance!