shane18 Posted April 7, 2010 Share Posted April 7, 2010 When you make a request to a PHP page and it returns data... how can u make sure that someone doesn't go to http://www.yoursite.com/yourAJAXphpFILE.php and read that... i kno u can do a session check to make sure the user is logged in and has rights to the data on that page so that someone thats not logged in can't go to it and view data... but if u don't wanted logged in users seeing that data sent to the javascript via ajax.. how do u do it... is it even possible? Quote Link to comment https://forums.phpfreaks.com/topic/197825-ajax-security/ Share on other sites More sharing options...
trq Posted April 7, 2010 Share Posted April 7, 2010 Its not possible to lock the pages and still have them available via Ajax. Ajax requests are just another request. Quote Link to comment https://forums.phpfreaks.com/topic/197825-ajax-security/#findComment-1038173 Share on other sites More sharing options...
PFMaBiSmAd Posted April 7, 2010 Share Posted April 7, 2010 i kno u can do a session check to make sure the user is logged in and has rights to the data on that page so that someone thats not logged in can't go to it and view data... That IS exactly how you would do it. Quote Link to comment https://forums.phpfreaks.com/topic/197825-ajax-security/#findComment-1038260 Share on other sites More sharing options...
shane18 Posted April 7, 2010 Author Share Posted April 7, 2010 Then I already had the right idea thanks Quote Link to comment https://forums.phpfreaks.com/topic/197825-ajax-security/#findComment-1038663 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.