php ajax url parameter -


is there concern if expose our php page in ajax, url param? i've seen website able hide .php or .aspx page. below production code. way improvise if poorly written it?

$("#login-submit").click(function(e){         e.preventdefault();         var vusername = $("#username").val();          var vpassword = $("#password").val();           $.ajax({             url: "postlogin.php",             type: "post",             data: {'action':'login-submit','username':vusername,'password':vpassword},             datatype: "json",             success: function(data) {                 if(data.status == 'success'){                     window.location.replace("index.php");                 }else if(data.status == 'false'){                     $('#errmsg').fadein('slow');                     $("#errmsg").html(data.errmsg);                 }else{                     $("#errmsg").html(data.status);                 }             },             error: function(){                 //window.location="profile.php"; //go error page if jquery got problem             }         });     });

hiding file extension seo principal. can use '.htaccess' or other site redirection tools redirecting request logical url physical path.

but if want add more security webapi must use authentication policy prevent resource access anonymous users.


Comments

Post a Comment

Popular posts from this blog

c# SetCompatibleTextRenderingDefault must be called before the first -

i tried search exception couldn't find solution on case i'am using code below invoke .net application : assembly assem = assembly.load(data); methodinfo method = assem.entrypoint; var o = activator.createinstance(method.declaringtype); method.invoke(o, null); the application invoked has form , in entrypoint of application : [stathread] static void main() { application.enablevisualstyles(); application.setcompatibletextrenderingdefault(false); //exception application.run(new form1()); } setcompatibletextrenderingdefault must called before first iwin32window object created in application. edit : assembly = assembly.load(data); methodinfo method = a.gettype().getmethod("start"); var o = activator.createinstance(method.declaringtype); method.invoke(o, null); you should create new method skips initialization...
Read more

c++ - Fill runtime data at compile time with templates -

i have specific situation in prepare runtime structures @ compile time without need duplicate code. i have 2 structs use register @ compile time types compiler wrote: using typeid = u8; template<typename t, typename type_id, type_id i> struct typehelper { static constexpr type_id value = std::integral_constant<type_id, i>::value; }; template<typename t> struct type : typehelper<t, u8, __counter__> { static_assert(!std::is_same<t,t>::value, "must specialize type!"); }; these used in config header macro specialize type<t> multiple types require: using type_size = unsigned char; #define get_nth_macro(_1,_2,_3, name,...) name #define register_type(...) get_nth_macro(__va_args__, register_type3, register_type2, register_type1)(__va_args__) #define register_type1(_type_) register_type2(_type_, _type_) #define register_type2(_type_,_name_) \ constexpr typeid type_##_name_ = __counter__; \ template<> struct type<_type_...
Read more

C#.NET Oracle.ManagedDataAccess ConfigSchema.xsd -

i'm not able find config schema file (configschema.xsd) of oracle.manageddataaccess itellisense in application configuration file. it supposed in odp.net managed driver files cannot find it... configschema.xsd xml schema file defines configuration section odp.net, managed driver. https://docs.oracle.com/cd/e48297_01/doc/win.121/e41125/installodpmd.htm after having installed oracle developer tools visual studio 2015, seems 2 schema files have been linked app.config file : oracle.dataaccess.common.configuration.section.xsd oracle.manageddataaccess.client.configuration.section.xsd both stored in : c:\program files (x86)\microsoft visual studio 14.0\xml\schemas
Read more