algiss Posted July 31, 2007 Share Posted July 31, 2007 Im using AJAX which calls php file using this string "file.php?postcode=IG11AA". The results as expected are succesfully printed out. But I dont wanna let people start playing with file.php and GET variables by accessing it directly from browser address bar (www.domain.com/file.php?postcode=IG11AA). How I grand access to file.php only from ajax application. and kill all other attempts to access it manually? Thanks for reply Link to comment https://forums.phpfreaks.com/topic/62665-protect-file/ Share on other sites More sharing options...
Philip Posted July 31, 2007 Share Posted July 31, 2007 In the PHP file check to see where the referrer ($_SERVER['HTTP_REFERER']) is coming from. If it's the correct IP/domain, then allow it, if not reject it. Link to comment https://forums.phpfreaks.com/topic/62665-protect-file/#findComment-311887 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.