I have the following XMLHttpRequest
:
# ....
var request = new XMLHttpRequest();
request.open('GET', 'controllers/get_date.php', true);
request.setRequestHeader('Cache-Control', 'no-cache');
request.setRequestHeader('fn', 'get_date');
request.setRequestHeader('day', '27/11' );
# ....
And get_date.php
looks like this:
if($_SERVER['HTTP_FN'] == 'get_date'):
$day = Common::sanitize($_SERVER['HTTP_DAY']);
$data = new MyFunction($day);
echo $data->my_data();
endif;
Basically I'm trying to get some data from $data->my_data()
and all of this is working fine. However as my back-end skills are quite limited. I am wondering if this is a proper way (considering mainly security) or if I should take another approach.