Solved

Ajax and PHP - Alternative to "echo"

Posted on 2014-03-12
2
733 Views
Last Modified: 2014-03-12
Hi E's, when I use ajax and php, usually I use php "echo" to send the information to ajax, like this examples:
ajax.php
$(function(){
        $.ajax({
        type: "POST",
        url: "index.php",
        data: {"anything":anydata},
        success: function(dat){
                if(dat == ""){
                    alert("empty");
                } else {
                alert(dat);
                } 
        }
        });
});

Open in new window

index.php
<? echo "some data"; ?>

Open in new window

In this case the ajax call will return "some data", and that is correct.
The problem is when the malicious customer/client execute directly index.php, in this case will appear in the screen "some data". Off course this is a simple example with no value data, but this is just a example.
So my question is, have any alternative to the php "echo" to send data between php and ajax, that malicious client cant see when execute directly the php files?

The best regards, JC
0
Comment
Question by:Pedro Chagas
  • 2
2 Comments
 
LVL 108

Accepted Solution

by:
Ray Paseur earned 500 total points
Comment Utility
Basically the answer is "no," but you may be able to embed some kind of signal or indicator in the application.  For example, you can check $_SERVER['HTTP_REFERER'].  And you can check to see that the request method is POST.

The "problem" you describe is actually a useful debugging feature; it lets us debug the background script without having to use the jQuery script at the same time.  The isolation of functionality helps make for faster problem identification!
0
 
LVL 108

Expert Comment

by:Ray Paseur
Comment Utility
Thanks for the points and thanks for using EE, ~Ray
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

OverviewThis article demonstrates a simple search form using AJAX. The purpose of the article is to demonstrate how to use the same code to render a page and javascript (JQuery) and AJAX to make subsequent calls to refine the results. The princip…
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now