CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums Developer.com
Results 1 to 8 of 8

Thread: php ajax a different way?

  1. #1
    Join Date
    Dec 2008
    Posts
    5

    php ajax a different way?

    first hello to all board members!

    i was wondering if there is a better way to develop php - ajax applications, i will show you how i work and tell you the problems with it and would love to hear suggestions.

    First i collect the data from the html page like this

    Code:
    xmlHttp=GetXmlHttpObject()
    if (xmlHttp==null) {
     alert('Your browser does not support AJAX. Contact your system administrator.');
     return
    }
    var url="validation.php"
    url=url+"?username="+document.getElementById('username').value
    url=url+"&password="+document.getElementById('password').value
    xmlHttp.onreadystatechange=analyzer
    xmlHttp.open("GET",url,true)
    xmlHttp.send(null)
    Then i process these inputs the way i like in the *.php file

    Then i analyze the results the following way

    Code:
    function analyzer(){ 
    if (xmlHttp.readyState==4 || xmlHttp.readyState=="complete"){
    
    var strg=xmlHttp.responseText;
    var arr= strg.split("|");
    
    for(i=0;i<=arr.length;i++){
    		switch (arr[i]) 
            {
    			case "correct":
    				document.getElementById("status").innerHTML=arr[i+1];
    				break;
    			case "incorrect":
    				document.getElementById("status").innerHTML=arr[i+1];
    				break;
          }
    }
    } 
    }
    This method satisfies all my needs in developing.. but the problem is

    1. User of the application can simply type in the *.js file path in their web browser and see the url formation.
    2. Normally the url variable names are the same like the php $variables
    3. Users will be able to manipulate the php if they type a similar url in the browser

    i know about session although i am not very good with that yet, but for instance in facebook i don't see any xmlHttp.responseText in there js code and worst in gmail all what they have in there code is one single <div></div> tag..

    what should i read to be able to write similar applications

  2. #2
    PeejAvery's Avatar
    PeejAvery is offline Super Moderator Power Poster
    Join Date
    May 2002
    Posts
    10,943

    Re: php ajax a different way?

    It seems as though you are relying way too heavily on JavaScript for security reasons. Anytime you use AJAX, anyone can view your source and figure out your URL, with the exception of the variables passed into it from forms. This is completely normal.

    Facebook and Google use responseText because it is one of the only two methods for retrieving data through AJAX. They have separate JS files which are minified, and even sometimes obfuscated.

    All security should come from server-side scripts...period! If you don't want users to access your script without going through your AJAX instance, then use PHP to check the referring page (HTTP_REFERER).
    If the post was helpful...Rate it! Remember to use [code] or [php] tags.

  3. #3
    Join Date
    Dec 2008
    Posts
    5

    Re: php ajax a different way?

    thanks for the reply,

    okay i learnt the two ways of retrieving data from AJAX they are for those who want to know

    1. reponseText (that holds strings of data)
    2. reponseXML (that hold the XML feedback)

    but i wasn't able to find how can i minify or obfuscate files.. can you just give me a link to start reading from... or a search term as i wasn't able to find useful info to do that..

    gud day 2 all

  4. #4
    PeejAvery's Avatar
    PeejAvery is offline Super Moderator Power Poster
    Join Date
    May 2002
    Posts
    10,943

    Re: php ajax a different way?

    Quote Originally Posted by kjason View Post
    okay i learnt the two ways of retrieving data from AJAX they are for those who want to know

    1. reponseText (that holds strings of data)
    2. reponseXML (that hold the XML feedback)
    No offense, but that is very basic. If you are just now finding this, before you proceed much further, you need to read W3School's AJAX section.

    Quote Originally Posted by kjason View Post
    but i wasn't able to find how can i minify or obfuscate files.. can you just give me a link to start reading from... or a search term as i wasn't able to find useful info to do that..
    Wow, you must not have even tried searching. If you just type "obfuscate javascript" or "javascript minify" it will return thousands of results.

    http://www.google.com/search?q=obfuscate+javascript
    http://www.google.com/search?hl=en&q=minify+javascript
    Last edited by PeejAvery; December 10th, 2008 at 09:19 AM.
    If the post was helpful...Rate it! Remember to use [code] or [php] tags.

  5. #5
    Join Date
    Dec 2008
    Posts
    5

    Re: php ajax a different way?

    thanks peej.. actually i just started software programming recently!

  6. #6
    PeejAvery's Avatar
    PeejAvery is offline Super Moderator Power Poster
    Join Date
    May 2002
    Posts
    10,943

    Re: php ajax a different way?

    We all have to start somewhere. Good luck!
    If the post was helpful...Rate it! Remember to use [code] or [php] tags.

  7. #7
    Join Date
    Dec 2015
    Posts
    1

    Re: php ajax a different way?

    Quote Originally Posted by PeejAvery View Post
    No offense, but that is very basic. If you are just now finding this, before you proceed much further, you need to read W3School's AJAX section.


    Wow, you must not have even tried searching. If you just type "obfuscate javascript" or "javascript minify" it will return thousands of results.

    http://www.google.com/search?q=obfuscate+javascript
    http://www.google.com/search?hl=en&q=minify+javascript
    Thanks, very useful information.

  8. #8
    PeejAvery's Avatar
    PeejAvery is offline Super Moderator Power Poster
    Join Date
    May 2002
    Posts
    10,943

    Re: php ajax a different way?

    Welcome to the forums zhoubin.

    Please don't revive 7 year old threads. it just clutters the forum with old info.
    If the post was helpful...Rate it! Remember to use [code] or [php] tags.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


Windows Mobile Development Center


Click Here to Expand Forum to Full Width




On-Demand Webinars (sponsored)