FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » php includes and ajax
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: php includes and ajax [message #173097 is a reply to message #173095] Mon, 21 March 2011 01:37 Go to previous messageGo to previous message
Jerry Stuckle is currently offline  Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
Senior Member
On 3/20/2011 8:35 PM, Lwangaman wrote:
> Ok you answered while I was formulating my next post; just wanted to let you know that I am doing user verification client side, for example the div that will be opened by the administrative buttons on the jquery-ui dialog will only exist on the page if you are an administrator. So even if you make the page believe you are an administrator it won't get you anywhere because you'll see buttons that don't actually do anything.
>
> But my problem is more than just user verification.
>
> For example, I have a div where a privileged user can fill out an event to be written to a calendar which is connected to a google calendar via a form submit. Instead of refreshing the page to submit the form I prefer to use ajax, so I have a php file called createEvent.php that has to include the ZEND GDATA libraries in order to submit the event.
> And I'm having the same include problems. These includes ARE server side. The ajax request is client side, coming from javascript, but the actual include IS server side because it's in my php file, not in my javascript file.
>
>

Which can easily be faked on the client. There is absolutely NOTHING to
prevent me from creating my own page with the buttons, for instance, and
submitting it to your server.

NEVER do verification client-side without server-side verification!

So what is your include problem? You have shown no PHP code so far.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: PHP Developers needed
Next Topic: Cannot send emails
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Tue Nov 26 04:23:13 GMT 2024

Total time taken to generate the page: 0.04278 seconds