If we use the ajax interface we wrote on our website for ourselves, we can limit the source domain name and determine the source.
Note: Replace www.jb51.net with your own domain name.
Copy the code The code is as follows:
//Judge the source
if(!isset($_SERVER['HTTP_REFERER']) || !stripos($_SERVER['HTTP_REFERER'],'www. jb51.net')) {
echo 'cann`t access';
exit();
}
The above introduces how to prevent external malicious submissions from calling the ajax interface in PHP, including the content of ajax and php. I hope it will be helpful to friends who are interested in PHP tutorials.
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
