That was only an example, the question is, how do I protect possibly
sensitive data sent by AJAX, so one user can't access other user's data?
Is the anwser just "don't do this with AJAX"?
----- Original Message -----
From: "Robert Cummings" <robert@xxxxxxxxxxxxx>
To: "Rangel Reale" <listas@xxxxxxxxxxxxxxx>
Cc: <php-general@xxxxxxxxxxxxx>
Sent: Friday, May 11, 2007 10:13 AM
Subject: Re: What is the best way to protect the PHP page thatreturns
the AJAX data?
On Fri, 2007-05-11 at 09:01 -0300, Rangel Reale wrote:
I would also like to know how people are dealing with this, how to you
make
sure people don't steal your data, sometimes it can be something simple
like
state names, but sometimes it can be your entire user/email database, who
knows?
State names and your entire user list are two different issues. State
names are almost certainly shown completely due to the need for state
selector lists. But I can't see any reason why you would have your
entire user list available.
Cheers,
Rob.
--
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'
--
Internal Virus Database is out-of-date.
Checked by AVG Free Edition.
Version: 7.5.467 / Virus Database: 269.6.1/776 - Release Date: 25/4/2007
12:19
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
