Results 1 to 3 of 3

Thread: AJAX to PHP, Request to Server came from server?

  1. #1
    Join Date
    May 2007
    Location
    Boston,ma
    Posts
    2,127
    Thanks
    173
    Thanked 207 Times in 205 Posts

    Default AJAX to PHP, Request to Server came from server?

    On an ajax request would this come up as the ip address of the server, or is there another way to confirm that the request is coming from the server directly?

    $_SERVER['REMOTE_ADDR']
    Corrections to my coding/thoughts welcome.

  2. #2
    Join Date
    Mar 2006
    Location
    Illinois, USA
    Posts
    12,164
    Thanks
    265
    Thanked 690 Times in 678 Posts

    Default

    The computer on which the Javascript is executing would process the request and that computer's IP would be on the server.
    Daniel - Freelance Web Design | <?php?> | <html>| espa˝ol | Deutsch | italiano | portuguŕs | catalÓ | un peu de franšais | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum

  3. #3
    Join Date
    Apr 2008
    Location
    So.Cal
    Posts
    3,643
    Thanks
    63
    Thanked 516 Times in 502 Posts
    Blog Entries
    5

    Default

    do you mean, you want to know if the ajax page is being requested from a page on your server or not?

    use $_SERVER['HTTP_REFERER']

    although it will work under normal usage, it is set by the user's browser, and can be changed or faked - so it's not good for anything critical.

    if you need something more reliable, you could set a token in the session (much like you would in a form to prevent outside submissions):

    on the first page (when user's session starts):

    $_SESSION['userip'] = $_SERVER['REMOTE_ADDR'];

    on the ajax page:

    if($_SESSION['userip'] == $_SERVER['REMOTE_ADDR']){
    /* request came from a legitimate visitor, so it's all good */
    }


    or something like that... never actually tried it before, but it ought to work.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •