shane18 Posted April 7, 2010 Share Posted April 7, 2010 When you make a request to a PHP page and it returns data... how can u make sure that someone doesn't go to http://www.yoursite.com/yourAJAXphpFILE.php and read that... i kno u can do a session check to make sure the user is logged in and has rights to the data on that page so that someone thats not logged in can't go to it and view data... but if u don't wanted logged in users seeing that data sent to the javascript via ajax.. how do u do it... is it even possible? Link to comment https://forums.phpfreaks.com/topic/197825-ajax-security/ Share on other sites More sharing options...
trq Posted April 7, 2010 Share Posted April 7, 2010 Its not possible to lock the pages and still have them available via Ajax. Ajax requests are just another request. Link to comment https://forums.phpfreaks.com/topic/197825-ajax-security/#findComment-1038173 Share on other sites More sharing options...
PFMaBiSmAd Posted April 7, 2010 Share Posted April 7, 2010 i kno u can do a session check to make sure the user is logged in and has rights to the data on that page so that someone thats not logged in can't go to it and view data... That IS exactly how you would do it. Link to comment https://forums.phpfreaks.com/topic/197825-ajax-security/#findComment-1038260 Share on other sites More sharing options...
shane18 Posted April 7, 2010 Author Share Posted April 7, 2010 Then I already had the right idea thanks Link to comment https://forums.phpfreaks.com/topic/197825-ajax-security/#findComment-1038663 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.