All I can think of would be to use sessions, generate a random token (such as via uniqid) and then add that to the URL in your JavaScript AJAX request. Then only return from the file called by the AJAX request if the $_GET value for that token matches the session value.
This would not be a 100% solution, as once the user accesses the main page, he could look at the HTML source and figure out how to request the page directly, but he'd only be able to do that for as long as the session remained active, meaning that he couldn't just bookmark it and access it directly whenever he wanted to.
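
The scheme described in the post above, sketched as an added example that is not part of the original post. The page and the AJAX endpoint share one file for brevity, and the names `ajax_token`, `ajax` and `token` are hypothetical. It generates the token with `random_bytes()` instead of `uniqid()`, because `uniqid()` is derived from the current time and is not meant for security tokens.

```php
<?php
// Added example: main page and AJAX endpoint in one file for brevity.
// The names ajax_token, ?ajax=1 and the "token" parameter are hypothetical.
declare(strict_types=1);
session_start();

/** Return the per-session token, creating it on first use. */
function session_token(): string
{
    if (empty($_SESSION['ajax_token'])) {
        // random_bytes() is a CSPRNG; uniqid() is derived from the clock.
        $_SESSION['ajax_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['ajax_token'];
}

/** True only if the supplied value matches this session's token. */
function token_is_valid($supplied): bool
{
    $expected = $_SESSION['ajax_token'] ?? '';
    // Reject missing or array values (?token[]=x) and an unset session token.
    if (!is_string($supplied) || $expected === '') {
        return false;
    }
    return hash_equals($expected, $supplied); // constant-time comparison
}

if (isset($_GET['ajax'])) {
    // AJAX endpoint: answer only when the token matches the session value.
    header('Content-Type: application/json');
    if (!token_is_valid($_GET['token'] ?? null)) {
        http_response_code(403);
        exit(json_encode(['error' => 'invalid or expired token']));
    }
    exit(json_encode(['data' => 'content for the AJAX caller']));
}

// Main page: embed the token in the URL that the script requests.
$url = '?ajax=1&token=' . rawurlencode(session_token());
?>
<!doctype html>
<div id="out"></div>
<script>
fetch(<?= json_encode($url) ?>)
  .then(r => r.json())
  .then(j => { document.getElementById('out').textContent = j.data ?? j.error; });
</script>
```

A direct request to `?ajax=1` without a matching token, or after the session has expired, receives the 403 response.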