Jay Moore schreef: > I realize this isn't really about PHP, but I was hoping maybe someone > had a way to make AJAX a little bit more secure using PHP. > > I was thinking of making my AJAX calls also pass the current session id,
the browser should still send the session cookie for async requests. so you get this info for free. using one-time tokens isn't going to hurt at all (well a few extra CPU cycles, but whose counting :-)) > and have my PHP script check to make sure it's a valid id, but I'm open > to other ideas. > > Do you guys use PHP to make AJAX calls a little bit more secure? What > /do/ you use? > > I hope this isn't too off-topic. > > Thanks, > Jay > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
