javascript - ajax revealing sql field names -
i have been working has used ajax phone call results database refresh results table oppose reloading html page.
the info beingness sent json php script exposing field names used in sql database.
is worry in terms of security? not sense comfortable filed names beingness visible on client side.
maybe way things done now, or there can done in php cut down potential risk?
you can hide things that. can illustration phone call getdata.php?type=employees , retrieve info reacting on type value.
of course of study have utilize aliases in query hide real fields name.
example:
select employee__name name employees i never reveal fields names in client script.
javascript php ajax
No comments:
Post a Comment