preventing direct script access while using AJAX??

mband2000

Hello.. I'm using Ajax and PHP...

My major problem with ajax is the security.. and my only way to sorta prevent any hacking is to stop users from acesses the PHP script directly... I only want ajax/javascript to access the php script.

How can this be done?

I've tried the following:

if($_SERVER['HTTP_REFERER'] != $_SERVER['HTTP_HOST']){
	// cannot view page
}else{
	// run script
}

But that stops the ajax from working... How can I allow ajax to access the script but not anyone else?