How can you make a php script only answer requests made from the same server?
How can I get my PHP script to only answer requests if the requesting script is on the same domain?
** Edit: The PHP file is being accessed by an ajax request and is proxy, so I don't want oth开发者_开发百科ers directly requesting it to come up, is this possible?
You could use $_SERVER['REMOTE_ADDR']
to compare the IP of the user requesting the page. Or you could simply make it a command line script that (obviously) requires you to run it from the command line.
edit:
You want to prevent people from using that script other than via AJAX? Impossible, as AJAX itself is executed by the client, as such the request starts there. And it will be always possible to call that script alone; you can make it harder, but you won't be able to prevent it.
There is no safe way to do that. Some developers will naively use the HTTP referrer header field, but anyone smart enough to abuse your ajax interface will have no problem forging the referrer.
You shouldn't be sending requests to your own server. You should include
the file and execute the functions directly.
精彩评论