dongmale0656 2013-09-08 11:42 采纳率: 100%
浏览 104

隐藏ajax上的var数据

I am making AJAX like function but I have problem that bad user can change the value into any other current user. So, how can I prevent this thing?

$live = 'user1';
$fol = 'user2';

function ajax(like){
    var data = 'like='+like+'&CURRENTUSER=<?php echo $live; ?>&TOFOLLOW=<?php echo $fol; ?>';
    $.ajax( {
        type: 'POST',
        url: 'ajax.php',
        data: data,
        success: function(e) {
            $('#success').html(e);
        }
    });
}

Also I want to move this ajax function into ajax.js file, but i am have problem in getting the value $live and $fol of users because echo $live doesn't work on .js. So, is there any way to do this like Facebook, Twitter AJAX function does ?

  • 写回答

3条回答 默认 最新

  • dsue14118 2013-09-08 12:04
    关注

    This solution works for apache web-server. For interpreting JS file using php, add this line to your .htaccess file:

     AddType application/x-httpd-php .js

    And put your script inside ajax.js. One other way is using rewrite URL:

     RewriteEngine On
 RewriteRule  ^ajax.js$    ajax.js.php  [L]

    And put your scripts inside ajax.js.php file. Of course, all these are if you want to show your URL as JS file.

    at the top of your ajax.js or ajax.js.php file, before any kind of output, put this:

    header('Content-Type: application/javascript');
    评论

报告相同问题?

悬赏问题

  • ¥15 一道python难题
  • ¥15 用matlab 设计一个不动点迭代法求解非线性方程组的代码
  • ¥15 牛顿斯科特系数表表示
  • ¥15 arduino 步进电机
  • ¥20 程序进入HardFault_Handler
  • ¥15 oracle集群安装出bug
  • ¥15 关于#python#的问题:自动化测试
  • ¥20 问题请教!vue项目关于Nginx配置nonce安全策略的问题
  • ¥15 教务系统账号被盗号如何追溯设备
  • ¥20 delta降尺度方法,未来数据怎么降尺度