|
-
Jun 21st, 2007, 10:58 PM
#1
Thread Starter
WiggleWiggle
PHP + Ajax
i am looking at adding ajax to my site, and i just wanted to know how safe it would be to add it. Is there any security risks in using it?
also, does anyone know of any good examples?
My usual boring signature: Something
-
Jun 22nd, 2007, 04:32 AM
#2
Frenzied Member
Re: PHP + Ajax
Other than making your site javascript dependent (which it probably already is), nothing else change.
Just now javascript will use a xmlhttprequest to get a php function running, and let another function handle things when the function did a job.
Nothing to do with security, unless you already have security problems.
There are tons of examples on how to use ajax.
I suggest you learn how to make an xhtmlhttprequest, and how to work with it (you will need to know some javascript and dom).
Here's the xmlHttp.js file I use for working with that. Guess it wont make much sense at this stage.
Code:
var request = null;
/* nn-Wrapper function for constructing a request object
Parameters:
reqType: The HTTP request type, such as GET or POST
url: The url of the server program
asynch: Whether to send the data asynchronously or not
respHandle: The name of the function that will handle the response
Any 5th parameters, represented as arguments[4] are the data a
POST request is designed to send */
function httpRequest(reqType,url,asynch,respHandle) {
//create the XMLHttpRequest Object
request = createXmlHttpRequestObject(); // call to custom createXmlHttpRequestObject function
//allthough unlikely, make sure the XMLHttpRequest object have been created
if (request) {
if(reqType.toLowerCase() == "post") {
//if the request type is POST the 5th parameter is the POST data ;
var args = arguments[4];
if (args != null && args.length > 0) {
initRequest(reqType,url,asynch,respHandle,args) //call to custom initRequest function
}
} else {
initRequest(reqType,url,asynch,respHandle); //call to custom initRequest function
}
} else {
alert("Your browser does not permit the use of all of this application's features!");
}
}
/* nn-Function to create XHLHttpRequest object
Will create an object most suitable for current browser */
function createXmlHttpRequestObject()
{
// will store the reference to the XMLHttpRequest object
var xmlHttp;
// this should work for all browsers except IE6 and older
try
{
// try to create XMLHttpRequest object
xmlHttp = new XMLHttpRequest();
}
catch(e)
{
// assume IE6 or older
var XmlHttpVersions = new Array('MSXML2.XMLHTTP.6.0', 'MSXML2.XMLHTTP.5.0',
'MSXML2.XMLHTTP.4.0', 'MSXML2.XMLHTTP.3.0',
'MSXML2.XMLHTTP', 'Microsoft.XMLHTTP');
// try every prog id until one works
for (var i=0; i<XmlHttpVersions.length && !xmlHttp; i++)
{
try
{
// try to create XMLHttpRequest object
xmlHttp = new ActiveXObject(XmlHttpVersions[i]);
}
catch (e) {} // ignore potential error
}
}
// return the created object only if created
if (xmlHttp)
return xmlHttp;
}
/* nn-Initialize an allready constructed XMLHttpRequestObject
Parameters:
reqType: The HTTP request type, such as GET or POST
url: The url of the server program
asynch: Whether to send the data asynchronously or not
respHandle: The name of the function that will handle the response
Any 5th parameters, represented as arguments[4] are the data a
POST request is designed to send */
function initRequest(reqType,url,asynch,respHandle) {
try {
/*specify the function that will handle the HTTP response*/
request.onreadystatechange = respHandle;
request.open(reqType,url,asynch);
if(reqType.toLowerCase() == "post") {
//if the request type is POST the 5th parameter is the POST data
request.setRequestHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
request.send(arguments[4]);
} else {
request.send(null);
}
} catch (err) {
alert("The application cannot contact the server at the moment.\n " +
"Please try again in a few seconds.\n" +
"Error Details: " + er.message);
}
}
-
Jun 22nd, 2007, 06:45 AM
#3
Re: PHP + Ajax
AJAX should not make a site JavaScript-dependent. All scripting should enhance the site's functionality, not add to it. Make it work without any scripting, then enhance it using JavaScript.
-
Jun 22nd, 2007, 10:26 AM
#4
Frenzied Member
Re: PHP + Ajax
 Originally Posted by penagate
AJAX should not make a site JavaScript-dependent. All scripting should enhance the site's functionality, not add to it. Make it work without any scripting, then enhance it using JavaScript.
Yeah, but I ain't that good, and this mate is even behind me.
Why don't you give us an example?
-
Jun 22nd, 2007, 03:55 PM
#5
Thread Starter
WiggleWiggle
Re: PHP + Ajax
i have seen ajax in use on another forum, and i like it, it really makes it faster for the client. I would love to implement it on my site, if it is worth doing.
My usual boring signature: Something
-
Jun 22nd, 2007, 05:38 PM
#6
Fanatic Member
Re: PHP + Ajax
Yes, ajax is worth learning. My suggestion is to learn how it works using raw calls to the server. When you understands how that work you should move on to some library that has implemented all the low level stuff and gives you a higher abstraction layer to work with.
Never argue with fools, they will only drag you down to their level, and beat you with experience.
Q: How do you tell an experienced hacker from a novice?
A: The latter thinks there's 1000 bytes in a kilobyte, while the former is sure there's 1024 meters in a kilometer
-
Jun 22nd, 2007, 05:58 PM
#7
Thread Starter
WiggleWiggle
Re: PHP + Ajax
i started taking tutorials on VTC.com and they have helped a little
My usual boring signature: Something
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|
Reply With Quote