In the past I have used jqgrid like in the examples here. I this set of grids, you have to make your grid definition using Javascript, and I supply PHP scripts for server side callbacks. I have been researching jqgrid again recently, and I am interested in the PHP version.
In an effort to improve the security of my web apps, I would like to ask if there are security benefits (or detriments) to using the PHP over JS jqgrid?
分享 Not that I am aware of. As fbfcn stated, the PHP jqGrid is basically just a server-side wrapper around the JavaScript jqGrid to make it easier to use. The same underlying JavaScript code will still be executed on the client. You can verify this yourself if you inspect the JavaScript files included by the PHP examples and the code that is generated.
The bottom line is that you can build a secure web application using either technology. In both cases you need to protect against the same threats; make sure a grid's web requests cannot be used to expose unauthorized private data, make sure data displayed in the grid is properly escaped within the grid to prevent XSS attacks, etc.
分享
