This question already has an answer here:
I was just thinking .... if i have a ajax call, which calls a php file that gets some info from MySQL, wouldnt it be possible to edit the timeInterval with firebug or other editors, and make it spam the server with the call?
isnt that a security risk/flaw?
</div>
Even if it weren't possible (it is) there's nothing to stop someone from making frequent requests on their own rather than using your own script. You have to throttle service of the requests on the server side.