pankajrathod84
asked on
Using Ajax in PHP for updating data in my sql database
HI,
I want to use Ajax to update data in the database for each of the small blocks in my site. I searched on net and found some code on w3shcools.com for updating mysql database using Ajax. In the example it used to call a PHP page using GET method and passing the parameters as query string.
I used it in my code and working good.
Now I want to know am I using right way to update database? As user can view the path of the php file and the parameters I am passing in the page source at browser. User can hack it very easily by simply calling my internal php page with passing parameter with GET method.
Is ther any way to improve security or any other way to update my database without page refresh.
I want to use Ajax to update data in the database for each of the small blocks in my site. I searched on net and found some code on w3shcools.com for updating mysql database using Ajax. In the example it used to call a PHP page using GET method and passing the parameters as query string.
I used it in my code and working good.
Now I want to know am I using right way to update database? As user can view the path of the php file and the parameters I am passing in the page source at browser. User can hack it very easily by simply calling my internal php page with passing parameter with GET method.
Is ther any way to improve security or any other way to update my database without page refresh.
hai
You can use 'POST' as well as 'GET'. Just change the
http_request.open('POST', url, true);
This is more than enough !!!!
And my kind advice is to use jquery ajax. If you want an example of jquery ajax using POST operation
i can help you and attach a sample file.
Regards
Jerome
You can use 'POST' as well as 'GET'. Just change the
http_request.open('POST', url, true);
This is more than enough !!!!
And my kind advice is to use jquery ajax. If you want an example of jquery ajax using POST operation
i can help you and attach a sample file.
Regards
Jerome
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
@hielo: >> yeah i have not read it properly
Thanx
Thanx
When working with AJAX, you can send the data via POST as well. Refer to the makePOSTRequest() function at:
http://www.captain.at/howto-ajax-form-post-request.php
IF you are really concerned about security, send a POST request over a secure connection (https://...)