Preventing users hijacking ajax calls?

Preventing users hijacking ajax calls?

I am building a user-based online application using jquery, and I am concerned about the possibility of users being able to hijack my ajax functions. I'm sure there is a standard way of dealing with this, but I don't know what it is. I'm hoping one of you can tell me... ;-)
 
For example, if users are logged in, and want to send an instant message to each other, they can use a simple messaging system. An ajax call passes their message to a back-end handler script, like so:
 
  1. $.ajax({
     type: "POST",
     url: "back-end-handler.php",
     data: "from=" + FROM_ID + "&to=" + TO_ID + "&message=" + MSG,
     success: function(msg){
      alert( "Message Sent: " + msg );
     }
    });






 
Now what's to stop a tech-savvy user intercepting the form data and changing the FROM_ID to someone else's ID, to spoof that this message came from someone else?
 
Any help is greatly appreciated!