I use ajax to submit value to the server. $.ajax({ type: POST, url: services.php,

Question

0

Asked: June 4, 20262026-06-04T07:00:50+00:00 2026-06-04T07:00:50+00:00

I use ajax to submit value to the server. $.ajax({ type: POST, url: services.php,

0

I use ajax to submit value to the server.

$.ajax({
type: "POST",
url: "services.php",
data: "a=1&b=2&c=3&d=4",
success: function(msg)
{
}
});

I face one problem. As you know, an experienced user can easily change the passing parameter value by keying following url in the browser url bar.

Eg: mywebsite.com/services.php?a=0&b=0&c=0&d=0

As far as I know, hashing (parameter +secret key) in Javascript. Then, I pass the parameter value together with hashed value to the server. Hashing(parameter +secret key) is done in php script. If both hashed values matches, it will update data in the database.

Basically,

In javascript: sort(parameter) -> join(parameter) -> md5(parameter)
In php script: sort(parameter) -> join(parameter) -> md5(parameter) -> compare both hashed values

Is there any suitable way to prevent it from being changed?

Thanks in advance.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-04T07:00:51+00:00

Editorial Team

2026-06-04T07:00:51+00:00Added an answer on June 4, 2026 at 7:00 am

The trick is how do you keep the secret key hidden from the user in the javascript? If you expose it, the user can still make changes and just rehash the parameters. You can’t really prevent this sort of modification, which is why you need to sanitize and validate all the input on the server side.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I use ajax to submit value to the server. $.ajax({ type: POST, url: services.php,

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply