PHP Application & Ajax Request Security / Authentication

Created October 14, 2013, last updated May 24, 2015.

This post was last updated 10 years 5 months 9 days ago. Some of the information contained here may no longer be current, and any referenced software versions may have been updated!

I have been using Ajax a lot recently in my PHP applications, especially in my Magento interfaces, to retrieve order and customer information. When working with Magento in PHP, you need to be careful not to bypass Magento application security completely by creating open access to the Magento back-end code through your own PHP scripts. This is especially the case when using Ajax.

For a previous web site I looked at best-practice methods for PHP session security and persistent login security for application logins. I revisited this code to create a PHP security class that I could quickly drop in to add application login / persistent login security to a PHP app, plus additional authentication checks for Ajax requests.

The demo below shows the code in action, for login and Ajax authentication. Log in using the demo username and password, then follow the links to read about the best practices implemented by the PHP class.

Source code on request.
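The kind of authentication check described above for Ajax requests, as an added example that is not the author's class or any Magento code: every name, the idle limit and the sample requests are assumptions made for illustration.

```php
<?php
// Added example: gate for a stand-alone Ajax endpoint. All names are
// hypothetical; none come from the author's class or from Magento.
const SESSION_IDLE_LIMIT = 900; // seconds of inactivity allowed (assumed value)

// Returns [HTTP status, reason]; only 200 lets the request reach back-end code.
function authorize_ajax_request(array $session, array $server, array $post, int $now): array
{
    // 1. The request must belong to a logged-in application session.
    if (empty($session['user_id'])) {
        return [401, 'not logged in'];
    }
    // 2. Idle sessions expire server-side, whatever the cookie lifetime says.
    if ($now - ($session['last_seen'] ?? 0) > SESSION_IDLE_LIMIT) {
        return [401, 'session expired'];
    }
    // 3. Only POSTs carrying the per-session token are served, so a forged
    //    cross-site request that merely rides the user's cookie is rejected.
    if (($server['REQUEST_METHOD'] ?? '') !== 'POST') {
        return [405, 'POST required'];
    }
    $sent = $post['csrf_token'] ?? '';
    $expected = $session['csrf_token'] ?? '';
    if (!is_string($sent) || !is_string($expected) || $expected === '' || !hash_equals($expected, $sent)) {
        return [403, 'bad token'];
    }
    return [200, 'ok'];
}

// Constructed sample requests (not real traffic).
$now = 1700000000;
$token = bin2hex(random_bytes(32));
$loggedIn = ['user_id' => 7, 'last_seen' => $now - 60, 'csrf_token' => $token];
$post = ['REQUEST_METHOD' => 'POST'];
$cases = [
    'anonymous'     => [[], $post, ['csrf_token' => $token]],
    'stale session' => [['last_seen' => $now - 3600] + $loggedIn, $post, ['csrf_token' => $token]],
    'missing token' => [$loggedIn, $post, []],
    'valid'         => [$loggedIn, $post, ['csrf_token' => $token]],
];
foreach ($cases as $name => [$session, $server, $body]) {
    [$status, $reason] = authorize_ajax_request($session, $server, $body, $now);
    printf("%-14s -> %d %s\n", $name, $status, $reason);
}

// In a real endpoint: call session_start(), pass $_SESSION, $_SERVER, $_POST
// and time(), and exit with the returned status before loading any back-end code.
```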


Comments

    • PAJ says:

      If you log in to the demo app in this post you will see links to the best practice PHP session / login security methods I have implemented.
