由网友(蝴蝶飞不过沧海)分享简介：我要寻找一种方式用ajax发布用户的特定数据时验证用户的Facebook ID。I am looking for a way to verify a users facebook id when posting user specific data using ajax.我希望能够验证使用AJAX发布数据时，Fac...

我要寻找一种方式用ajax发布用户的特定数据时验证用户的Facebook ID。

I am looking for a way to verify a users facebook id when posting user specific data using ajax.

我希望能够验证使用AJAX发布数据时，Facebook用户ID是正确的。

I want to be able to verify that a facebook user id is correct when posting data using ajax.

问题是，如果我发布了Facebook的ID，作为我的ajax的数据部分，它可以在JavaScript中进行编辑。我能在服务器端的图形调用，但这些都是很慢，所以我想保持图形话费降到最低点。 preferably只称这是开头。

The problem being, that if I post the facebook id as part of my ajax data, it can be edited in the javascript. I could make a graph call on the server side, but these are really slow, so I want to keep graph calls to a minimum. Preferably only calling it at the beginning.

可在任何提出一个有效的/安全的方法？

Can any suggest an efficient/secure method?

推荐答案

在结束我的解决办法是抓住通过PHP SDK用户的Facebook的ID，并通过添加盐和MD5编码它创造它的哈希值。在发布表单我既包括Facebook的ID和散列。然后，我可以使用相同的盐值，仔细检查了Facebook的想法是使用它之前正确。这似乎为我的需要提供足够的安全性。

In the end my solution was to grab the users facebook id via the php sdk and creating a hash of it by adding a salt and encoding it with md5. When posting the form I include both the facebook id and the hash. I can then use the same salt value to double check that the facebook idea is correct before using it. This seems to provide enough security for my needs.