PHP Security that allows AJAX to access

Axcelcius · October 31, 2007

I have two files. index.html and system_check.php. I was using the following code to prevent hackers from accessing system_check.php directly. The problem is that it also prevents index.html from accessing that file.

<?php
//Protects from Unauthorized Access
if(eregi("system_check.php", $_SERVER['PHP_SELF'])) die("Hacking Attempt");
?>

Is there an alternate way of denying direct access to system_check.php but will allow index.html to access it?

MadTechie · October 31, 2007

Opps miss-read..

it would be easier if index.html was index.php, is that possible ?

sKunKbad · October 31, 2007

I believe what I've seen is a simple check of the HTTP_Referer, and redirect to somewhere else or block access to anything that isn't from your domain.

kratsg · October 31, 2007

Why not use sessions?

index

session_start();
$_SESSION['confirmindex'] = true;

system_check

if(!$_SESSION['confirmindex']){die("I'm sorry, an illegal attempt to access this page has been identified.");}

Locked · October 31, 2007

Why not only allow the localhost to access the page? Basicly the same as what mysql does

Sign In

PHP Security that allows AJAX to access

Recommended Posts

Axcelcius

Link to comment

Share on other sites

MadTechie

Link to comment

Share on other sites

sKunKbad

Link to comment

Share on other sites

kratsg

Link to comment

Share on other sites

Locked

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information