Originally Posted by auriaks
If you enter browser dev tools, you can see what I am sending to my ajaxEngine.php
In this case I assume that this request can be made by hacker with some other harmful script included.
How secure is to use this way??
the php should only do what you allow it to, no matter what the input.
ajax alone doesn't really provide any more or any less security than using forms alone
anytime you accept input in a back-end, you much validate the data and perhaps the requester to maintain legitimacy.
BROWSER STATS [% share]
(2013/10/31) IE7:0.5, IE8:8.6, IE9:5.3, IE10:12.3, FF:17.7, CH:41.8, SF:8.1, MOBILE:20.4