douzhan1935 2014-10-20 10:05
浏览 31
已采纳

阻止访问使用AJAX的php脚本

I made a script that is being used by only AJAX calls(checks for user and password and logs the user in). The problem comes when I want to prevent the user from accessing the script directly through his browser like mywebsite.com/login.php.

If I do something like

if ( isset( $_SESSION['id'] ) ) header( "Location: logged.php" );
else header( "Location: index.php" );

where logged.php is for logged in users, this will execute when the AJAX calls are done, as well, so it will redirect to index when the AJAX call is made. If I remove the 'else' part, they can access it directly.

  • 写回答

2条回答 默认 最新

  • douren4075 2014-10-20 10:14
    关注

    If I understand your question correctly you could add an extra POST var to your Ajax Call and do something like this

    if( $_POST["call"] == true ){
  //do ajax stuff 
}else{
  if( isset( $_SESSION['id'] ) ){
    header( "Location: logged.php" );
  }else{
    header( "Location: index.php" );
  }
}
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥20 机器学习能否像多层线性模型一样处理嵌套数据
  • ¥20 西门子S7-Graph,S7-300,梯形图
  • ¥50 用易语言http 访问不了网页
  • ¥50 safari浏览器fetch提交数据后数据丢失问题
  • ¥15 matlab不知道怎么改,求解答!!
  • ¥15 永磁直线电机的电流环pi调不出来
  • ¥15 用stata实现聚类的代码
  • ¥15 请问paddlehub能支持移动端开发吗?在Android studio上该如何部署?
  • ¥20 docker里部署springboot项目,访问不到扬声器
  • ¥15 netty整合springboot之后自动重连失效