I am using an AJAX request to retrieve and display data from my database.
$("#flexitopicresults").flexigrid(
{
url: 'venuequery-json.php',
dataType: 'json',
colModel : [ (..)
(..)
}
venuequery-json.php obviously delivers a nice json-formatted version of the data contained in my database to the grid component. The problem is: how can I prevent others from calling the .php file directly and then get a ready-to-use dump of the content of my database (PHP, MySQL) ?
Use the same method you are currently using to secure the page that fetches the data to secure the ajax one (authentication via cookies or session or htaccess or whatever). You obviously trust that method enough to send it in first place.