matteo
Reputation: 147
How to block a php script from being executed directly from address bar?
I have something like this:
$.getJSON('/scripts/commons/theScriptDoTravelBackInTime.php',{
}, function(){
// etc.. etc...
}
});
Is there a way to stop the php script from being executed simply by a direct call in the address bar like http://www.myserver/scripts/commons/theScriptDoTravelBackInTime.php ?
Maybe outputting an echo "Hey no cheating !"
Upvotes: 1
Views: 671
Answers (4)
Fletch
Reputation: 963
You could look at the HTTP-Referer data. If it's blank, then it came from typing or pasting the URL. If it's not blank, then that field will show you where the link came from.
Upvotes: 0
Sumair Zafar
Reputation: 98
If you use zend framework there is a nice way of checking it
if($this->_request->isXmlHttpRequest())
{
//The request was made with JS XmlHttpRequest
}
Upvotes: 0
wesside
Reputation: 5740
This is what the kohana framework uses:
public static function is_ajax()
{
return (isset($_SERVER['HTTP_X_REQUESTED_WITH']) AND
strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest');
}
Upvotes: 0
user557846
Reputation:
basic, not 100% safe, but commonly quoted
if($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
//your code
}
Upvotes: 2
Related Questions
- How to stop a PHP exec from web interface
- Prevent access to a php script that uses AJAX
- How to prevent execution of javascript from a browser's address bar?
- how to make sure a php is run only from a particular page
- Block direct access to PHP file except from AJAX request?
- block direct access to PHP file and only allow local javascript to access it
- Disallowing PHP file to be accessed directly
- Disable redirection script
- PHP: How to prevent direct access to JavaScript files?
- Preventing jQuery from Loading