JavaScript - PHP HttpRequest安全问题[重复]

I am creating an application using JavaScript and PHP.
I post my data to a PHP file and then the PHP file insert my data into the MySQL database. All good but I have some doubts about security because my dom can be easily manipulated using the browser.

For example my code like below

var req = {
            method: 'POST',
            url: 'phpfile/send_message.php',
            headers: {
                'Content-Type': undefined
            },
            data: {
                "UserId": UserId,
                "Message": Message,
                ...
                ..
            }
        };
        $http(req).then(function successCallback(response) {
                //Do Something
        }, function errorCallback(response) {
                //Do Something
        });

anyone can put a breakpoint in this code and easily can change the UserId, therefore, the message sends to another user.

Ok, I know I can minify my Script but I think this is not enough. If someone wants to change data, he can find the code easily.

Is there any way to prevent this? Any information you can provide me would be greatly appreciated.

</div>
dprfe04886
dprfe04886 'Content-Type':未定义<-为什么?带数据的POST请求应始终具有内容类型
大约 2 年之前 回复
dou1908
dou1908 您也无需编辑代码,只需编辑请求即可。如果您的系统将用户隔离为仅与朋友交谈,那么也应该使用逻辑服务器。如果UserId来自用户那么那应该是服务器端会话,如果是用户,那么只需检查用户是否可以发送给他们。
大约 2 年之前 回复
Csdn user default icon
上传中...
上传图片
插入图片
抄袭、复制答案,以达到刷声望分或其他目的的行为,在CSDN问答是严格禁止的,一经发现立刻封号。是时候展现真正的技术了!
立即提问