I have a dataTable with server-side processing but I don't know how to secure the ajax call because if anyone go to the ajax php file can read all the content.
This is my jquery:
$(document).ready(function() {
$('#netflow').DataTable( {
aaSorting: [[ 5, "desc" ]],
responsive: {
details: {
renderer: function ( api, rowIdx ) {
var data = api.cells( rowIdx, ':hidden' ).eq(0).map( function ( cell ) {
var header = $( api.column( cell.column ).header() );
return '<p style="color:#00A">'+header.text()+' : '+api.cell( cell ).data()+'</p>'; // changing details mark up.
} ).toArray().join('');
return data ? $('<table/>').append( data ) : false;
}
}
},
processing: true,
serverSide: true,
ajax: "/adm/includes/netflow_processing.php",
} );
var oTable = $('#netflow').dataTable();
var table = $('#netflow').DataTable();
$('#netflow_filter input').unbind();
$('#netflow_filter input').bind('keyup', function(e) {
if(e.keyCode == 13) {
oTable.fnFilter(this.value);
}
});
// Añadir filtro para cad acelda
$('#netflow tfoot th').each( function (i) {
$(this).html( '<input type="text"/style = "width: 100%; " placeholder="Filtra...">' );
} );
// Aplicar filtro al introducir en cada celda
table.columns().eq( 0 ).each( function ( colIdx ) {
$( 'input', table.column( colIdx ).footer() ).on( 'keyup change', function () {
table
.column( colIdx )
.search( this.value )
.draw();
} );
} );
} );
And this is the ajax script:
<?php
$table = 'netflow';
$primaryKey = 'id';
$columns = array(
array( 'db' => 'flow_src', 'dt' => 0 ),
array( 'db' => 'flow_dst', 'dt' => 1 ),
array( 'db' => 'flow_proto', 'dt' => 2 ),
array( 'db' => 'out_packets', 'dt' => 3 ),
array( 'db' => 'in_packets', 'dt' => 4 ),
array( 'db' => 'flow_start', 'dt' => 5 )
);
$sql_details = array(
'user' => '6g43tfr3',
'pass' => 'XXXXXXXXX',
'db' => 'DBNAME',
'host' => 'bbdd.localdomain'
);
require( 'ssp.class.php' );
echo json_encode(
SSP::simple( $_GET, $sql_details, $table, $primaryKey, $columns )
);
How can I make a hash/token request?
