Kayla_Vermont
New Member
A logged on user (session based) has a grid of his last transactions : \[code\]policyNum | someInfo-------------------------- 1000 ... 2000 ... 3000 ... 5000 ...\[/code\]When he clicks on a line ( the first line for example ( total=1000)) , he can see the details.(the result from server is json).\[code\] items | someInfo -------------------------- 100 ... 300 ... //100+300+600=1000 600 ...\[/code\]How I'm getting the data ? I collect the data (\[code\]policyNum\[/code\] ) into js object and send it to the server via jQuery ajax.however , the user can change the ajax request and seek for details for policies which he doesn't own.I dont want to run the sql query and then to find out that he doesn't belong those fake number policies.I want to stop it sooner.How can I implement it ?