Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    New Coder
    Join Date
    Oct 2011
    Posts
    10
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Should I be using Javascript/AJAX for this..?

    I'm writing a web app and so far:

    - the user enters some information on the web page
    - user data is submitted to a PHP script (using AJAX, so w/o a page refresh) which processes the data and generates a list of items that need to be returned to the user

    Now, I need to return the data -- preferably in the form of a list, where each returned item has a check box (so the user can choose which items in this list the subsequent operations will affect).

    However, can a PHP script effectively add/remove contents from such a checklist, or would this be something done better through Javascript only? For example: this, I think, or something similar.

    Luckily the PHP script that processes the data is short at this point, so I'd like to know whether I should rewrite it in Javascript (assuming Javascript can deal with REST well) to avoid a hassle.
    Last edited by gerbil; 10-10-2011 at 08:05 AM.

  • #2
    New Coder
    Join Date
    Oct 2011
    Posts
    10
    Thanks
    1
    Thanked 0 Times in 0 Posts
    While I am playing around with this idea, I have come across another issue (related to a thread I made in the PHP forum not too long ago).

    How do I go about keeping secret the API key that I use to access the RESTful API I'm using? I would try to include a js file on the server side -- so that it's unreadable (and the variable containing the API key is unreadable) by the user, but the functions/methods would be visible and usable to the public pages on my site... but I'm not sure how to include such a file. Is this possible? Or is there a better approach?

  • #3
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    27,118
    Thanks
    80
    Thanked 4,554 Times in 4,518 Posts
    Re your second post:

    When you generate the page that will make the RESTful call, generate a custom key for it that include the user's IP address and the time of day, encoded.

    So somebody can steal the key, but unless they use it from the same IP address within XX seconds (or minutes...you determined that) of the time it was generated, it will not do anything.

    Doing that, along with checking the HTTP_REFERER (which *can* be spoofed, so don't rely upon it alone) should get you about as safe as you can be without using SSL.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  • #4
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    27,118
    Thanks
    80
    Thanked 4,554 Times in 4,518 Posts
    Regarding the message returned via AJAX: Up to you.

    I see nothing wrong with just returning a list of items in plain text and then using JS code and document.createElement() to then generate the needed checkboxes.

    I see nothing wrong with doing the same except returning a JSON-encoded array (though that seems mildly like overkill).

    I see nothing *reallY* wrong with simply returning formatted HTML and then using document.getElementById("cbHolder").innerHTML=xmlhttp.responseText (purists dislike this...so what...it works in all browsers).
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •