Secure your request is very important since it will prevent someone to steal or to get in your datas. Following a way to do it.
You have to be able to generate a secure key from the server and after to affect the key the following code : $_SESSION[‘Env_UserSession’][‘AjaxKey’] = $key_sec
When you have to control the server, you have to verify very well POST or GET exists because if it is empty, it can be someone try to steal the content. If all are ok, you can deliver the content without any danger.