Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
If we do not hit our goal we will be forced to close the site.

Current status: https://keepboardsalive.com/

Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.

Secure ajax calls with JQuery php

  • 05-03-2013 01:01PM
    #1
    Registered Users, Registered Users 2 Posts: 263 ✭✭


    Hi guys quick question - im looking to load data from database via ajax into a page. However the page that is being loaded via ajax needs to be protected. Im currently using sessions in the admin areas however the session doesnt exist on the ajax page so that is out. I know I can pass the parameter via ajax but that exposes the site and could easily be hacked. Has anyone got any recommendations?? I was thinking of using sha1() to encode the value of the session then could send this and the session value and check the on the other end by sha1 the session value and comparing it against the one being sent?? I dont know if this is the right way for making these requests and as always your input or suggestion is always appreciated.

    Regards
    B


Comments

  • Registered Users, Registered Users 2 Posts: 2,011 ✭✭✭colm_c


    Why wouldn't you have sessions on your Ajax calls? They are after all the same as any other php page.


  • Registered Users, Registered Users 2 Posts: 263 ✭✭swordsinfo


    colm_c wrote: »
    Why wouldn't you have sessions on your Ajax calls? They are after all the same as any other php page.

    The session value isn't available in the Ajax page. I can pass it as mentioned but opens it up for man in middle attack hence why I'm using the sha function aswell. My question is what is "the right" way??


Advertisement