Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Possible Duplicate:
Securing a remote ajax method call
Is there a way to retrieve the name of the javascript file that called a php script from within the PHP code?
Unfortunately, since I have to call a PHP script from Javascript (for Google maps) on a webpage, this ‘invites’ to retrieve my data by just calling the PHP script by hand. Checking for the script/file that invoked the PHP script would bring at least some protection.
You could set a session variable with some random value on the server when your page is opened, and add that variable in the query string to your php script.
Then in your javascript-called php script, you start the session and check the session variable against the query one.