Tom Broucke

Reputation: 249

Using AJAX to post to PHP file - security

I am developing an iOS app using PhoneGap. Users first have to register or log in. (AJAX: post to a PHP file on my web server, like here: PHP AJAX login, is this method secure?).

Info needs to be sent to a MySQL database, users can upload pictures, ...

Now I was wondering if there is a way to prevent other people from posting to my PHP files.

In my opinion, it would be quite simple to make some script to add thousands of fake accounts, or upload thousands of pictures.

I read: POST method, Ajax and Security?, but I don't seem to find a way to implement this in a PhoneGap app.

How do I make sure I am the only one who can use these PHP files?

Upvotes: 2

Views: 634

Answers (2)

Adam Fowler

Reputation: 1751

Save your PHP session cookie and authenticate yourself using normal sessions in your app. That way you only have to authenticate yourself once.

Upvotes: 1

Lee Crossley

Reputation: 1280

You could add an auth token to the headers of your AJAX request and check for this in your PHP, e.g.:

    $.ajax({
        url: "https://your.url.com/page",
        headers: {
            "Auth-Token": "auth_key2134"
        }
    });

Upvotes: 0
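
A server-side counterpart to the two answers above, as an added example that is not part of either answer: PHP that issues a random token per login, keeps it in the session, and checks the `Auth-Token` header on every request. The function names, the JSON error shape and the per-session request limit are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Call once from the login script, after the password has been verified.
// Returns the token the app must send back in the Auth-Token header.
function issue_token(string $userId): string {
    session_regenerate_id(true);                    // fresh session ID after login
    $_SESSION['user']  = $userId;
    $_SESSION['token'] = bin2hex(random_bytes(32)); // 256-bit random value, per login
    return $_SESSION['token'];
}

// Call at the top of every protected script (upload, insert, ...).
// Returns the logged-in user ID or ends the request with an error status.
function require_token(int $maxPerMinute = 30): string {
    $sent = $_SERVER['HTTP_AUTH_TOKEN'] ?? '';      // "Auth-Token" header as PHP exposes it
    if (!isset($_SESSION['token'], $_SESSION['user'])
        || !is_string($sent)
        || !hash_equals($_SESSION['token'], $sent)) { // constant-time comparison
        deny(401, 'not authenticated');
    }
    // Per-session throttle: caps how fast one logged-in session can post.
    $now  = time();
    $hits = array_filter($_SESSION['hits'] ?? [], fn($t) => $t > $now - 60);
    if (count($hits) >= $maxPerMinute) {
        deny(429, 'too many requests');
    }
    $hits[] = $now;
    $_SESSION['hits'] = array_values($hits);
    return $_SESSION['user'];
}

// Sends a JSON error with the given HTTP status and stops the script.
function deny(int $status, string $message): void {
    http_response_code($status);
    header('Content-Type: application/json');
    echo json_encode(['error' => $message]);
    exit;
}

session_start();
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    deny(405, 'POST only');
}
$user = require_token();
// Authenticated from here on: handle the upload or database write for $user.
echo json_encode(['ok' => true, 'user' => $user]);
```

The app stores the token returned at login and sends it in the `headers` option of each `$.ajax` call, alongside the session cookie.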
