shopapps Posted February 10, 2014 Share Posted February 10, 2014 (edited) Hi, I would like to ajax some information into the backend interface for one of my modules. I have the ajax bit working, but would now like to add a level of security to it, so that only a logged in admin person is accepted in the modules adminajax.php file. Does anyone have any working example code to hand to point me in the right direction on how to do this? I'm guessing i need some kind of "token" to add to the ajax variables which can then be checked at the receiving end, but unless i'm reading in the wrong documentation I cant find reference to the best practise to achieve this. Many thanks in advance for any help. Edited February 10, 2014 by shopapps (see edit history) Link to comment Share on other sites More sharing options...
vekia Posted February 10, 2014 Share Posted February 10, 2014 check how the homeslider ajax works there is a code like: include_once('../../config/config.inc.php'); include_once('../../init.php'); include_once('homeslider.php'); $context = Context::getContext(); $home_slider = new HomeSlider(); $slides = array(); if (!Tools::isSubmit('secure_key') || Tools::getValue('secure_key') != $home_slider->secure_key || !Tools::getValue('action')) die(1); Link to comment Share on other sites More sharing options...
shopapps Posted February 10, 2014 Author Share Posted February 10, 2014 Great thanks for the pointer, will investigate tommorow. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now