How to make sure that a person does not see the results from the URL of the PHP script?

Question

How to make sure that a person does not see the results from the URL of the PHP script?

How to make sure that a person does not see the results from the PHP script url?

Recently, while viewing the source of the site that made the AJAX call, I tried to execute the link in the browser

www.site.com/script.php?query=value

Instead of getting the result that I expected to see, I saw a message stating that only scripts should view this page.

How do you limit the script to the fact that the script has access to it?

UPDATE:

here is the DEMO page page

+3

php

Jasondavis Aug 9 '09 at 11:00

source share

8 answers

Short answer: you cannot.

: , HTTP- ( Accept to application/json ). , . , , , . , , .

+10

John Meagher 09 . '09 11:05

. . post, , .

+6

Scharrels 09 . '09 11:05

HTTP- . - "" . , .

100%, .

+4

Henrik P. Hessel 09 . '09 11:07

, script , rpc.php(, net firebug):

X-Requested-With    : XMLHttpRequest

, setRequestHeader method, , activex, xmlhttprequest, .

+1

Kevin Vaughan 09 . '09 14:09

script AJAX, , AJAX , , script.

PHP , "" Apache PHP-, .

0

tomzx 09 . '09 11:07

php- "view" script ajax.

'index.php' .
PHP , , .
ajax .
ajax , .

, ajax.

, ajax . , .

http://us.php.net/manual/en/book.session.php

0

txyoji 09 . '09 13:38

php:

if (!defined('SOMETHING')) {
    die('only scripts have direct access');
}

index.php SOMETHING:

define("SOMETHING", "access granted.");

edit: , btw

edit2: , , ajax. , .

-2

koen 09 . '09 12:21

Tim · Accepted Answer · 2009-08-09T11:45:33+0000

with php you can only check and show results if the page is called via ajax

function isAjax() {
    return (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && ($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest'));
}

if(isAjax()) {
    // display content
} else {
    // not ajax, dont show
    echo 'Invalid Request';
}

How to make sure that a person does not see the results from the URL of the PHP script?

More articles: