Hello ppl,
I’ve been playing with hava for a little bit. I can use it for simple tasks, but I’d like to embbed it into a bigger site.
The only problem is, how do i know if the request is legit.
for example. Let’s say i want to call method updateProfile() on the server side.
I’d send a ajax request with some arguments like age=xx&name=…
But what about the user ID. I dont want to send user ID trhough the URL.
ppl could replace it easily and mess with ppl profile.
is there anyway i can access the user id on the server side.
I tried using $_SESSION[‘id’] but it wasn’t working when i tested it.
I hope i was clear enough. I’ve been looking for a long time online now for the solution. could someone point me to the right direction?
thx in advance.