{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 Juvenile、少年° 的问题《jquery .load() doesn´t work due to the .htaccess f》','https://www.manongdao.com/q-1104968.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I have some dialog window with buttons, on the submit button I call this:
$("#delDiv").load("./protected/deleteUser.php?id="+id, function(data){
alert(data);
});
Problem is, that my /protected directory is protected with .htaccess file, where I had simply set
deny from all
so the .load() command doesn´t have access to that file. Is there any way to access that folder of file for this function?
The solution really depends on framework/application structure. In general I'd suggest to place
deleteUser.phpin publicly available directory, because everything you can call using AJAX will be available to opening directly in browser. In fact, you can check some headers in order to know if request is performed using AJAX or not, but they are very easy to fake.Also, if you are using any framework, it is better to use its controller+action system, not just a standalone script.