将 js amcharts 与 PHP 一起使用时出现安全问题
Security Issue while using js amcharts with PHP
将 js amcharts 与 PHP 一起使用,发现可以通过图表访问源代码和路径。如何阻止它,因为这可能是严重的安全问题。我是 PHP 的新手,请尽可能详细地回答。谢谢
PHP是一种服务器端语言amcharts.js runs on the client, meaning any data it receives must be accessible to the same client that is rendering the chart. You can't make data visible to the cart but invisible to the user, however if you want to limit what the user can see you can render the chart data as JSON in the containing html page (using json_encode) 然后将其作为变量传递给图表库,如:
<script>
var chart = AmCharts.makeChart("chartdiv", {
"type": "serial",
"theme": "light",
"marginRight": 70,
"startDuration": 1,
"graphs": [{
"balloonText": "<b>[[category]]: [[value]]</b>",
"fillColorsField": "color",
"fillAlphas": 0.9,
"lineAlpha": 0.2,
"type": "column",
"valueField": "visits"
}],
"chartCursor": {
"categoryBalloonEnabled": false,
"cursorAlpha": 0,
"zoomable": false
},
"categoryField": "country",
"categoryAxis": {
"gridPosition": "start",
"labelRotation": 45
},
"export": {
"enabled": true
}
"dataProvider": <%php echo json_encode($ResultsArray); %>
});
</script>
<!-- HTML -->
<div id="chartdiv"></div>
将 js amcharts 与 PHP 一起使用,发现可以通过图表访问源代码和路径。如何阻止它,因为这可能是严重的安全问题。我是 PHP 的新手,请尽可能详细地回答。谢谢
PHP是一种服务器端语言amcharts.js runs on the client, meaning any data it receives must be accessible to the same client that is rendering the chart. You can't make data visible to the cart but invisible to the user, however if you want to limit what the user can see you can render the chart data as JSON in the containing html page (using json_encode) 然后将其作为变量传递给图表库,如:
<script>
var chart = AmCharts.makeChart("chartdiv", {
"type": "serial",
"theme": "light",
"marginRight": 70,
"startDuration": 1,
"graphs": [{
"balloonText": "<b>[[category]]: [[value]]</b>",
"fillColorsField": "color",
"fillAlphas": 0.9,
"lineAlpha": 0.2,
"type": "column",
"valueField": "visits"
}],
"chartCursor": {
"categoryBalloonEnabled": false,
"cursorAlpha": 0,
"zoomable": false
},
"categoryField": "country",
"categoryAxis": {
"gridPosition": "start",
"labelRotation": 45
},
"export": {
"enabled": true
}
"dataProvider": <%php echo json_encode($ResultsArray); %>
});
</script>
<!-- HTML -->
<div id="chartdiv"></div>