Is there any way to pass variables to ajax script without exposing it in jQuery?

[mustardman]

I am developing a module using WHMCS sample provisioning module.

 

https://github.com/WHMCS/sample-provisioning-module

 

I have to do a bunch of things with AJAX accessing a remote database. One problem I am running into is that AJAX needs all variables passed to it via jQuery. There are some variables I don't want done that way for obvious reasons. Passwords for example.

 

The way I am getting around it right now is to connect to the database from the AJAX script and accessing variables that way. Also there is an internal API function for decrypting server passwords. It seems a bit kludgey to me though. Also creates a lot of duplication of code. It would be nice if I could access $params variables so I didn't have to do that and could reuse some of the main module functions. Maybe there is some trick to doing that I haven't figured out yet?

Edited August 4, 2016 by mustardman

[twhiting9275]

Setup an external script call. Put your database variables in there.

Something like the following JS:

function blah ( id, thefunc, value )
{

       var request = $.ajax({
               url: "yourscript.php",
               type: "POST",
               data: {

                       whatfunc : 'functionname',
                       token: Date.now()

               },
       });
request.done(function( jqXHR, textStatus ) {
 alert( "Request successful");

$("#tab4").load(location.href + " #tab4");


});
request.fail(function( jqXHR, textStatus ) {
 console.log(' "Request failed: " + textStatus ');
});
}

 

Then in yourscript.php

$mysql_username = 
$mysql_password =
$mysql_db  =
db_connect_functionality();
the rest of your code

 

As far as encrypt / decrypt, take a look at API:Encrypt Password and API:Decrypt Password, though if you're using cPanel, you want to be using the access hash instead of passwords.

Edited August 4, 2016 by twhiting9275
bad smilies

[sentq]

I am developing a module using WHMCS sample provisioning module.

 

https://github.com/WHMCS/sample-provisioning-module

 

I have to do a bunch of things with AJAX accessing a remote database. One problem I am running into is that AJAX needs all variables passed to it via jQuery. There are some variables I don't want done that way for obvious reasons. Passwords for example.

 

The way I am getting around it right now is to connect to the database from the AJAX script and accessing variables that way. Also there is an internal API function for decrypting server passwords. It seems a bit kludgey to me though. Also creates a lot of duplication of code. It would be nice if I could access $params variables so I didn't have to do that and could reuse some of the main module functions. Maybe there is some trick to doing that I haven't figured out yet?

if it were me, I will make all remote requests from server it self specially if you need to specify Password or any sensitive info, then AJAX calls will run internal URLs these URL will establish the remote call and return the result to AJAX