electricshoe
01-18-2008, 12:36 AM
I'm working on building the AJAX half of my php application. I have a lot of query functions, that are great, but pose a big security risk with ajax.
I'm trying to figure out how to get around this, I'll use some much more basic stuff to illustrate the problem.
http.open("GET", index.php?q='INSERT INTO table (id) VALUES ('foo')', true);
Okay so that means the user has the means to put whatever query they want into index.php. POST is just as vulnerable if someone writes javascript to access your php files from an outside domain as well.
So how do sites get data from a database using ajax securely? No I don't actually pass full queries to my application, but I need to pass query parameters like id's. Do I need to create session variables to store all of the query data and then just pass the session key to the ajax, or what??
Thanks very much for your help and insight:)
I'm trying to figure out how to get around this, I'll use some much more basic stuff to illustrate the problem.
http.open("GET", index.php?q='INSERT INTO table (id) VALUES ('foo')', true);
Okay so that means the user has the means to put whatever query they want into index.php. POST is just as vulnerable if someone writes javascript to access your php files from an outside domain as well.
So how do sites get data from a database using ajax securely? No I don't actually pass full queries to my application, but I need to pass query parameters like id's. Do I need to create session variables to store all of the query data and then just pass the session key to the ajax, or what??
Thanks very much for your help and insight:)