How to prevent direct access to load content
I have a php page that uses the a load request (see bow). I would like to prevent people viewing the content directly. I understand I could possibly check the header (also see below) but this apparently can be easily hoodwinked. Any suggestions?
Header check;
- </php
- function is_xhr() {
- return @ $_SERVER[ 'HTTP_X_REQUESTED_WITH' ] === 'XMLHttpRequest';
- }
- if( is_xhr() ){
- // respond to Ajax request
- } else {
- // respond to normal request
- }
- ?>
The load request;
- $('.mydivcontainer').load('myContentFile.php');
Topic Participants
rsdesign2012
jakecigar