by Oliver Jackson.
One way I do this is to use the URL resource.
It has a configurable set of parameters within the "URL Variables" section which can be added to the URL as POST data. One of these is an encrypted code which, I think, is an MD5 hash of a concatenation of the client's IP address and a secret phrase (configured in site-admin -> plugins -> activity modules -> url -> password). This hash can be compared with one calculated by your PHP script for the same client IP address to ensure trust in the username also passed in the POST data.
There is, of course, no way to provide password data but the MD5 match based confidence in the username is a good start.