Recently I got interested in dynamic execution of scripts. That is, the user clicks a button and the JavaScript part (or any other library attached to it) sends a request to a file with $_GET[] or $_POST[] data. Then PHP (my preference) would execute the function or anything else that it has been asked to execute, and the user gets a response, for example "It succeeded". So I got to work on it, and within 30 minutes I managed to get Ajax to execute my commands. Here are the files:
index.php
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js"></script>
    <input type="text" placeholder="The square root of" name="thecalc" id="inputing" />
    <script>
    // When the input loses focus, POST its value to script.php
    $("#inputing").focusout(function() {
        var formContent = document.getElementById("inputing").value;
        $.ajax({
            url: "script.php",
            type: "POST",
            // Passing an object lets jQuery URL-encode the value
            data: { multi: formContent },
            success: function(msg) {
                alert(msg);
            }
        });
    });
    </script>
script.php
    <?php
    if (isset($_POST["multi"])) {
        $toRoot = $_POST["multi"];
        // Square root, as the input placeholder says (pow($toRoot, 2) would square it)
        echo sqrt($toRoot);
    }
    ?>
The script works perfectly fine, of course: if you input a number, you get the root of it alerted to you; if you input a character, it would probably respond with NaN, but never mind, it works, and things like an "integers only" rule can easily be implemented.
Soon though, I realized that if JavaScript is executing on the client side and so is Ajax, someone can just look up the source files and execute scripts manually. This wouldn't be a problem, because why would someone on my theoretical website take all this effort to execute their own commands like "edit-profile.php" instead of just pressing a button and getting there in no time? I'm more afraid of someone who is not supposed to be a computer, like malware, a mad extension or a virus, that would find out they're on this website, find the vulnerability and then execute, let's say, "delete-account.php", which is not really nice.
There have been people telling me that "I" should create a Flash file which would encrypt this data; they would know where it is going, but they wouldn't know what the content of the data was. But I'm not a Flash programmer and it's not really my style.
I'd really like to implement such a function on my theoretical website, but I'd also like to keep it secure. I noticed DaniWeb uses this for upvoting/downvoting and editing the post. Is it possible that you could shine some light on it?
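One common server-side way to address the worry about forged requests to something like "delete-account.php", shown as an added example that is not part of the original post: the endpoint accepts the action only from a logged-in session that also presents a per-session random token. The function names, the `csrf_token` and `user_id` keys and the demo arrays are assumptions made for illustration.

```php
<?php
// Added example: hypothetical guard for a state-changing endpoint such as
// the post's "delete-account.php". All names below are assumptions.

// Create one random token per session; the page embeds it for the Ajax call.
function issue_csrf_token(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

// Decide whether a request may perform the action.
// Returns [HTTP status, message].
function authorize_action(array $session, string $method, array $post): array
{
    if ($method !== 'POST') {
        return [405, 'POST only'];
    }
    if (empty($session['user_id'])) {
        return [401, 'Not logged in'];
    }
    $sent = $post['csrf_token'] ?? '';
    // hash_equals() compares in constant time and needs two strings.
    if (!is_string($sent) || empty($session['csrf_token'])
        || !hash_equals($session['csrf_token'], $sent)) {
        return [403, 'Bad or missing token'];
    }
    return [200, 'OK'];
}

// Constructed demo data standing in for $_SESSION and $_POST.
$session = ['user_id' => 42];
$token = issue_csrf_token($session);

$cases = [
    'forged, no token' => ['POST', []],
    'forged, guessed'  => ['POST', ['csrf_token' => str_repeat('0', 64)]],
    'wrong method'     => ['GET',  ['csrf_token' => $token]],
    'legitimate'       => ['POST', ['csrf_token' => $token]],
];
foreach ($cases as $label => [$method, $post]) {
    [$status, $msg] = authorize_action($session, $method, $post);
    printf("%-18s => %d %s\n", $label, $status, $msg);
}
```

In a real endpoint the two arrays would be `$_SESSION` (after `session_start()`) and `$_POST`, and the Ajax call would send the token alongside its other fields. The checks have to live on the server, since anything in the page source is visible to the client.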