I have table which read all the database from phpMyAdmin and dysplay it by php code. - I am also can update each cell on the table, example by using the the row of the table which equal to ID in my database and colume which equal to (first name,last name,password)everting work ok. so if the user click on the one of cell inside the table the jquery send by ajax the parameter ID and the colume one of the field(first name,last name,password). what is my problem? my problem is how can I prevent from haker or smart user which can see the jquery code and he will understanding that he can change the value of any ID or password parmeters and ajax can update database not the correct ID? supose I display to user table with 10 lines which have ID from 11-20 the user will change the ID parameter ID equal to 500 it can hapend.
$(document).ready(function()
{
var COLUME, VAL,ROW,STATUS,DATASTRING;
$('td').click(function() {
COLUME = $(this).attr('class');
});
//****************
$('tr').click(function() {
ROW = $(this).attr('id');
$('#display_Colume_Raw').html(COLUME+ROW);
//$('#display').html(COLUME+ROW);
$('#span' + COLUME + ROW).hide();
$('#input'+ COLUME + ROW ).show();
STATUS = $("#input" + COLUME + ROW).val();
});
//********************
$(".edittd").mouseup(function() {
return false;
});
//*************
$(document).mouseup(function() {
$('#span' + COLUME + ROW).show();
$('#input'+ COLUME + ROW ).hide();
VAL = $("#input" + COLUME + ROW).val();
$("#span" + COLUME + ROW).html(VAL);
if(STATUS != VAL){
$('#statuS').removeClass('statuSnoChange')
.addClass('statuSChange');
$('#statuS').html('THERE IS CHANGE');
DATASTRING=$('#display_Colume_Raw').html()+','+VAL;
//******ajax code
//dataString = $.trim(this.value);
$.ajax({
type: "POST",
dataType: 'html',
url: "./public/php/ajax.php",
data: 'DATASTRING=' + DATASTRING, //{"dataString": dataString}
cache: false,
success: function(data)
{
//alert(data);
$("#statuS").html(data);
}
});
//******end ajax
}
else
{
//alert(DATASTRING+'status not true');
}
});
});
