In the past, the front-end PHP was used for simple logic and output, and the backend layer php was used for data interfaces, so there was no worry that the front-end was exposed by backend mysql. But now I want to change the front-end to JS. If I want to expose the api layer and worry about mysql security issues, let's take a look at some good practices to avoid such problems... in the past, the front-end PHP was used for simple logic and output, and the backend layer php was used for data interfaces, so there was no worry that the front-end was exposed by backend mysql.
But now I want to change the front-end to JS. If I want to expose the api layer and worry about mysql security issues, can you see any good practices to avoid such problems?
Reply content:
In the past, the front-end PHP was used for simple logic and output, and the backend layer php was used for data interfaces, so there was no worry that the front-end was exposed by backend mysql.
But now I want to change the front-end to JS. If I want to expose the api layer and worry about mysql security issues, can you see any good practices to avoid such problems?
... It can still be encapsulated by the backend php, but the request is changed to ajax .. The data format used by ajax is json.
Js calls php and php accesses mysql again.
Don't say you areSQL. php? SQL = select * from table
This access form.
If yes, it will not be saved.
If not, php controls the security of data access, including cookies and one-time tokens.