How to block direct access to php file called by ajax function

It must be noted however that this is just a basic security step and it does not guarantee that a malicious user can not find a way to access the php file. This means that you should always make sure that your php code is secure.

// No direct access to this file 
define('IS_AJAX', isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest'); 
if(!IS_AJAX) {die('Restricted access');}

Subscribe to our Blog
Subscribe to this content and receive updates directly in your inbox.

This website uses cookies so that we can provide you with the best user experience. By clicking "continue" you agree to cookies being used in accordance with our Cookies Policy.