• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
pseudo (or real) ajax db and view updating?


I have a bit of a query: I have a page that is making a bunch of calls to a database and displaying the information. In each of the respective bunches of info, there are edit, add, delete buttons. I would love if instead of linking to a pop-up (which they do now) where the info is $_POSTed into a form with a submit/cancel option that then $_POSTs the info to the respective controller that does the db add/edit/delete, have an ajaxified version. I'm trying (just to see if I can do it at all) to get the delete to work on one section.

I've tried a few things I've found via searching here, but can't quite get it to work.

Can anyone suggest a good approach (or the ~best). I was thinking have views that contain the div info for the respective section - at first - then duplicate the views for after the call is made to delete, then the controller that does the crud would call the new view and insert it into the respective div. I don't even understand what I just typed, so you can see what I mean about needing some guidance.

Muchos graciasio.

I think its perhaps a little easier than you think. You can either use AJAX to GET a certain URL, or POST a form. Either works - GET is simpler, but perhaps a touch dangerous as you could just 'visit' the link and delete something Wink

For get you might do mysite.com/controller/delete_function/5/username/specialhashcode

The 5 being the id of whatever you intended the script to delete, and your hashcode is something you might want to create for your protection to make it easier to see if a person has the right to delete what they want to delete.

For the hash, I like something simple and tricky like sha1( sha1($username) . sha1($password) ) - though the security function if at all dangerous should handle use_once sort of codes that are issued and stored so a session can't be stolen, faked, or shared.

So in your delete function you just make sure the person should be able to delete what they want to delete, and if so...delete 5 (whatever 5 happens to be to you - file, blogpost, etc) and you are done.

You can then send back to the browser something like, say, a JSON encoded response, or just a simple text string your AJAX can parse (like checking if "SUCCESS" is in the string to make sure what they wanted to delete could be deleted).

BrianDHall: Doublehashing values is LESS secure than a single hash with sha1 or md5, just a tip =)

Its not so much less secure, but actually just has a greater chance of collision (two different considerations, though in pure password verification scenarios they are basically the same). A single hash exposes something that shouldn't be exposed - such as the hashed value of a password, so a person could then take the value and run it for collisions on their local computer. Thus it is wise to mix something else in if you are actually going to send something to the browser, though the preferred method would be using a one-time random string and not a hash of any kind.

Though you do point out correctly that hashing together things is not more secure than just using a single hash, so you certainly have no reason to ever do something like $password = sha1(sha1($clear_password)).


Thanks very much for trying to point me in the right direction. Though, I think I may be giving up. I am saddened that as verbose as the user_guide is, there is nothing on ajax. The guide has been a tremendous help in building this app, and I wish to hell I could reference it for this problem.

For some reason, I just can't seem to figure out how to get the app to do what I want using the built-in ajax class. I'm pretty sure I got the deletion/POST part figured out, but I can't figure out how to get a response back to the view via json or otherwise.

And I'd be using $_POST Wink

Thanks again!


I don't know why I'm still working on this; 7 hours today alone :'''''(

Is it possible to get a concise example from anyone on wtf I need to do? I've read and re-read the CI ajax info, prototype docs, and hundreds of millions of posts on the forum here. It seems like this should be so simple, but I'm ready to go into nuclear meltdown and punch myself in the throat.

I tried giving up - but it bothers me that I can't get it to work and have resolved to figure it out if I don't commit interneticide first.


I have a view, k? In it it lists some crap from the db. It pulls that data from the controller, eh? So, in this view, I have something like this (I know it's gross):
function submit(){
                        new Ajax.Request('/uhh/delViaAJAX/$stuff/$id',
                          onSuccess: function(transport, json){
                              alert(\"YOU READ THIS BECUZ DUNNO\");
                            onFailure: function(){ alert('FAILDOZER') }

So it always alerts the onSuccess function.

The problem is that I can't seem to figure out what should be in the controller that is referenced in the js (/uhh/delViaAJAX/$stuff/$id)... I guess I'd have the code that did the db crap; but how do I send something, ANYTHING back to the page that has the form/data (where I pressed the delete button)?

Thanks to anyone willing to even read this, let alone respond...

Quote:To access the server response, use request.responseText, to find out the HTTP status, use request.status.

to clarify in case someone else is wondering: uh, the controller that gets called in the js (Ajax.request) is where the backend stuff happens (which we all already knew, uh, right?). You can simply put an echo in there or print_r or whatever and that'll be in the responseText via the parameters (e.g.
function submit$i(){
                        var options = {
                        onCreate: function() {
                            var container_div = $('updatingDiv$i');
                        onSuccess: function(transport){
                            var container_div = $('completeDiv$i');
                            container_div.update('<b>Crikey Deleted</b>');
      var response = transport.responseText;
      alert("Response is: " + response);

                            onComplete: function(transport){
                                var container_div = $('updatingDiv$i');
                                Effect.toggle('transDiv$i','appear', { delay: 1.0 });

                        onFailure: function(){ alert('Something went wrong...')}
                        new Ajax.Request('/radicalURI/DeleteJAX/$crikey/$zoom',options);
) to be alerted or trigger stuff or make you dinner or whatever. you can see it in the onSuccess function:
onSuccess: function(transport){
                            var container_div = $('completeDiv$i');
                            container_div.update('<b>Crikey Deleted</b>');
      var response = transport.responseText;
      alert("Response is: " + response);



Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  

  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.