doudao3170 2014-09-14 12:34
浏览 11
已采纳

打电话给ajax知道学分

Before one of my users realize an action, I need to know how many credits they have to see if they can do the action or not.

I do this using an ajax call, something like this:

jQuery.ajax({url: 'getCredit.php',
  type: 'POST',   
})

.done(function( data) {
    if (data.credit >= 1) { do the action }
});

My question is: Can't my users "cheat" changing the var (data.credit) to be always >1 with chrome console, or firebug?

What's the best way to ask for their credit?

EDIT: I have a form, and I want to check the credit when they click the submit button, so the form won't send if they have not enough credit to do it. I think this clarify it a bit.

Thanks.

  • 写回答

4条回答 默认 最新

  • duanba8173 2014-09-14 13:22
    关注

    You will have to check it again in the server side. From the point of view of UX is good for the user that you check the credit before the submit the form, but anyway you will have to check it again once the form is submitted on the server side. For example, since you're talking about current users:

    if($current_user->credit>1)
  doAction();

    Is the same with the form validations, you have to do it in client and server side, never trust the user.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(3条)

报告相同问题?

悬赏问题

  • ¥15 ubuntu子系统密码忘记
  • ¥15 信号傅里叶变换在matlab上遇到的小问题请求帮助
  • ¥15 保护模式-系统加载-段寄存器
  • ¥15 matlab求解平差
  • ¥15 电脑桌面设定一个区域禁止鼠标操作
  • ¥15 求NPF226060磁芯的详细资料
  • ¥15 使用R语言marginaleffects包进行边际效应图绘制
  • ¥20 usb设备兼容性问题
  • ¥15 错误(10048): “调用exui内部功能”库命令的参数“参数4”不能接受空数据。怎么解决啊
  • ¥15 安装svn网络有问题怎么办