As you all know, the $.post
function for jQuery is quite awesome, but the problem I have with that is the person who views the source of the page can view where the data is going, thus moving towards that page to snoop around, or, God forbid find the folder where everything is kept. So my question is, who knows how to hide that, or, the best way to protect that information, no matter what the way is, to make sure that vulnerability is fixed. What solution do you offer?
It doesnt matter whether you use the jQuery post/get methods or your own created ones. Using Ajax to send and receive data from client to server will easily enable the user to see where its going. That is why the best practice is to just secure everything from the server side. Make sure to research secure PHP programming tactics, that is really all you can ask for when using Ajax.