Submit questions to Master PHP post

Ask a master: Php post submission problem
Shrimp made a program: through the AJAX technology call background PHP execution process to MySQL write database, the function is realized.
Later found that users through the URL directly pieced together parameters manually through the URL input method to invoke PHP execution process.
Question 1: Is there any good way to prohibit direct manual submission to the background through the URL?
I looked up some help to the effect that before the submission: by Time t to the background to obtain the corresponding encryption key value K1,
When formally committed, both T and K1 are committed, the background is re-encrypted by T K2, if K1 is the same as K2, the write to the database procedure.
Issue 2: This method increases the acquisition of the key value K1 this process, certainly more time than not getting K1. Is there any way to circumvent it?
Issue 3: Get the Encryption key value K1 this process and how to ensure that no one else directly by hand through the URL to the background call it?
I beg your advice!
Thank you first!

Php?post Submit

Share to:

------Solution--------------------
Using sesseion can prevent malicious injection of data by: http://www.ibihuo.com/show-60.html
------Solution--------------------
In the foreground with JS to make the restrictions and judgments in PHP to judge again otherwise you said this bypass JS verification when the tragedy
------Solution--------------------
The parameters on the address bar, can be used $_post to? You use $_post in the program to receive only son data from the table. If he uses the address bar to input parameters directly, will $_post receive?

