防止恶意用户直接通过浏览器访问ajax页面获取到数据:

if ($_SERVER[‘HTTP_X_REQUESTED_WITH’] != ‘XMLHttpRequest’) {
    $date[‘status’]=40001;
    $date[‘msg’] = ‘非法请求’;
    echo json_encode($date);
    exit();
}