Re: [PHP] What is the best way to protect the PHP page that returns the AJAX data? [solved]

On Fri, May 11, 2007 9:59 pm, [EMAIL PROTECTED] wrote: Set ajaxObject.setRequestHeader(User-Agent,SecretName); in Javascript and check for it in PHP. Not fool-proof, but the average person wouldn't be able to get in. Unless the user View Source and read your AJAX code... This is not going to

Re: [PHP] What is the best way to protect the PHP page that returns the AJAX data? [solved]

Richard Lynch wrote: On Fri, May 11, 2007 9:59 pm, [EMAIL PROTECTED] wrote: Set ajaxObject.setRequestHeader(User-Agent,SecretName); in Javascript and check for it in PHP. Not fool-proof, but the average person wouldn't be able to get in. Unless the user View Source and read your AJAX code...

Re: [PHP] What is the best way to protect the PHP page that returns the AJAX data? [solved]

On Fri, 2007-05-11 at 22:12 -0700, [EMAIL PROTECTED] wrote: I don't see you giving a solution. The solution is the same as for any session in which you want to protect data. It hardly needs covering yet again. Read the archives. Cheers, Rob. On 5/11/07, Robert Cummings [EMAIL PROTECTED]

Re: [PHP] What is the best way to protect the PHP page that returns the AJAX data? [solved]

On Friday 11 May 2007 12:45, Robert Cummings wrote: On Thu, 2007-05-10 at 21:23 -0700, Daevid Vincent wrote: Thanks for the suggestion and concern. Fear not, I'm a PHP Guru as mentioned. A Guru would have spent 60 seconds testing to see if the session_start() scenario worked BEFORE posting

Re: [PHP] What is the best way to protect the PHP page that returns the AJAX data? [solved]

Robert Cummings wrote: A Guru would have spent 60 seconds testing to see if the session_start() scenario worked BEFORE posting to the list :B /me was thinking the same -- Regards, Clive. Real Time Travel Connections {No electrons were harmed in the creation, transmission or reading of

Re: [PHP] What is the best way to protect the PHP page that returns the AJAX data? [solved]

Set ajaxObject.setRequestHeader(User-Agent,SecretName); in Javascript and check for it in PHP. Not fool-proof, but the average person wouldn't be able to get in. On 5/11/07, clive [EMAIL PROTECTED] wrote: Robert Cummings wrote: A Guru would have spent 60 seconds testing to see if the

Re: [PHP] What is the best way to protect the PHP page that returns the AJAX data? [solved]

On Fri, 2007-05-11 at 19:59 -0700, [EMAIL PROTECTED] wrote: Set ajaxObject.setRequestHeader(User-Agent,SecretName); in Javascript and check for it in PHP. Not fool-proof, but the average person wouldn't be able to get in. Bleh, do it right. Don't settle for half-assed solutions that rely on

Re: [PHP] What is the best way to protect the PHP page that returns the AJAX data? [solved]

I don't see you giving a solution. On 5/11/07, Robert Cummings [EMAIL PROTECTED] wrote: On Fri, 2007-05-11 at 19:59 -0700, [EMAIL PROTECTED] wrote: Set ajaxObject.setRequestHeader(User-Agent,SecretName); in Javascript and check for it in PHP. Not fool-proof, but the average person wouldn't

RE: [PHP] What is the best way to protect the PHP page that returns the AJAX data? [solved]

Thanks for the suggestion and concern. Fear not, I'm a PHP Guru as mentioned. I never said that I execute the code directly like that. Perhaps my query keyname was a bit misleading. Would http://example.com/gimmedata.php?id=3foo=barmap=on have been more clear? I also am not so silly as to run

RE: [PHP] What is the best way to protect the PHP page that returns the AJAX data? [solved]

On Thu, 2007-05-10 at 21:23 -0700, Daevid Vincent wrote: Thanks for the suggestion and concern. Fear not, I'm a PHP Guru as mentioned. A Guru would have spent 60 seconds testing to see if the session_start() scenario worked BEFORE posting to the list :B Cheers, Rob. --