Hi folks, I'm looking for a straightforward way to protect PHP files which are called via AJAX from being called from outside my application. Currently, someone could forseeably open the console and watch the javascript post variables to a public file (actions/delete_thing.php) and then use this knowledge to trash the place. I found this thread at stackoverflow which seems to cover the issue I'm looking at, but it's pretty intense and I figure there's an easier way but I'm not sure how. http://stackoverflow.com/questions/2486327/jquery-post-and-php-prevent-the-ability-to-use-script-outside-of-main-website It seems unlikely that this is the method everyone uses, but maybe not. Advice is nice. Marc -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
