I'm working a simple mobile app and I'm using HTML, CSS, Javascript, ajax, PHP and Mysql and Phonegap. The mobile app has a login and I'm using ajax to send the data to a php file located on a separate server if the login is successful the app loads a diferent page, only users that are register can see this page.
The problem that I'm facing is that when I'm on the next page I don't know how to verify that the user has the access. I was thinking on using a window variable or localstore but I don't know if this is a good idea or not.
Can some one point me in the right direction on this topic.
Just sit and think. Use localStorage.setItem if user is registered/logged on ajax call. Later control that on easy way. Check this example.
Ajax call:
$.ajax({
type: "POST",
url: "http://exampleUrl.com/php1/insert.php",
data: dataString,
crossDomain: true,
cache: false,
beforeSend: function() {
$("#insert").val('Connecting...');
},
success: function(data) {
if (data == "success") {
alert("You can login now!");
$("#insert").val('Wait...');
localStorage.setItem("logged", logged); // Save if user is successfuly registered and control on other page
//console.log(dataString);
loadiranje_paIndex();
} else if (data == "error") {
alert("Error! Try another username!");
$("#insert").val('Register');
/*location.href = '/register.html'; */
}
}
});
Related
I have a website that basically makes API calls and displays the data in a table; the API is on a different server from the website.
If the API server is down what is the best way to alert the user client-side (JavaScript) that the server is unavailable?
Could/Should I put the alert in the API call error handling (See code for example)? What is the best practice for this type of situation.
function apiCall(query, product){
var p = product;
var urlr='https://myFakeAPIUrl/api/'+query+'/'+ product;
$.ajax({
contentType: 'application/json',
crossDomain: true,
url: urlr,
type: "GET",
success: function (result){
alert("Yay, the API server is up.");
},
error: function(error){
console.log(error);
alert("Sorry, the server is down.");
}
});
}
var productData = apiCall("Produce", "112233");
I would ask myself what a user would like to see in this situation.
What I always do is putting a timeout on the Ajax request, whenever that timeout of e.g. 9999ms runs out, the user should get notified (with a toast, a heading, etc..) that something went wrong and that they should try it again later.
I'm going to use Facebook JS SDK to login users to my site.
function myLogin(){
FB.api('/me',{fields: 'name,email'}, function(response) {
if(response.email){
//Ajax call function
jQuery.ajax({
url: 'inc/social_logins/fb/account_auth.php',
type: "POST",
data: { func: 'nac', name: response.name, email: response.email},
success:function(data) {
if(data == 1){
window.location = "user_dashboard.php";
}
}
});
//Ajax call function ends
}
}
Above ajax request calls account_auth.php and it checks for accounts associated with the email comes with FB authorization. And if FB authorization returns true, it runs the myLogin() in the following logic.
function statusChangeCallback(response) {
if (response.status === 'connected') {
qksellLogin();
}
}
Everything works fine and gets redirected to the private dashboard area after FB login popup window closed.
What I want to do is, to block manual Ajax requests by unauthorized users.
Let's say if I can fake the response object and add someone else's FB name and email, then I call the above Ajax call function in the console, it still runs and logs in. That's terrible huh...
So, what actions may I want to take here ?
I am trying to log in into my webpage in IE browser, the problem is that it allows user to login but the headers and the interface made for login account does not shows up instead previously cached data is shown...and when i refresh the page then only user is able to see the new data for log in member...i am using spring and angular java script.
webpage works fine in other browsers.
thanks in advance
If your using ajax to load the data then you need "cache: false" in IE.
$.ajax({
url: url,
type: 'POST',
cache: false,
data:data,
success: function (result) {
}
});
I'm creating an API endpoint for a mobile app and for computer web browsers. Both devices use the same API endpoint with a POST request sent to /users/session for authentication. The mobile phone requires a 200 Status Code response. However, as login forms do, I need to redirect browsers to the home logged in page where the user can see their information. Do I return a 301 subsequently after? What is the best practice to implement this?
In summary: I need to use the same API endpoint for mobile and computer, but am unsure how to redirect while returning a 200 Status Code.
It seems like a 200 OK is the proper code to return upon successful login. This makes the API more generic and doesn't tie it to any particular use (mobile vs desktop). You might try placing the redirect logic in the desktop site itself and use ajax to submit the data. This will give you more flexibility for handling login errors as well. This is a basic example with jquery.
$.ajax({
type: "POST",
url: "/users/session",
data: loginForm,
success: function(){
//Redirect user to home page
window.location.replace("/home");
},
dataType: dataType
});
try this
$.ajax(serverUrl, {
type: "POST",
data: dataToSave,
statusCode: {
200: function (response) {
alert('200');
},
201: function (response) {
alert('201');
}
}, success: function () {
alert('1');
},
});
I implemented a system on my ASP.NET Web Forms site for passing notifications to the client. The notifications can be validation messages, success messages, warnings, errors etc. These messages are generated by code on the server side and then retrieved from the server via script on the client side and displayed.
On each page of my site I have embedded a JavaScript function that calls a web service (on the server side) via jQuery AJAX and requests the latest notifications. If there are notifications, they are displayed using Noty. On the server side, messages that have been sent to the client are removed from the queue.
This works pretty well. However, let's say I'm on a page called NewEmployee.aspx and they create a new employee by filling out a new form, and this generates some kind of notification such as "New Employee Created With ID 58478" and also takes them to the ViewEmployee.aspx page. If the postback happens slowly enough, the message will start to display while the user is still on NewEmployee.aspx but before the user arrives at ViewEmployee.aspx. The end result is that the notification is only displayed for a split second and the user never sees it.
I need a way in JavaScript on the client side to detect if the page is performing a postback. If I have that, I can prevent it from calling the webservice during a postback and have it wait until it completes. I want it to look something like this.
setInterval(oneSecondFunction, 1000); //check for messages every 1 second
function oneSecondFunction()
{
var IsPostingBackRightNow=GetIsPostingBackStatus(); //I need your help writing this function
if(!IsPostingBackRightNow)
{
$.ajax({
type: 'POST',
url: 'myurl/MessageService.asmx/GetCurrentMessage',
contentType: 'application/json; charset=utf-8',
data: JSON.stringify({ sessionid: sessionid, locale: 'en-US' }),
dataType: 'xml',
success: function (msg)
{
//show message via noty if there's a message
}
});
}
}
The post back is passing from the form, so you capture the onsubmit event on the form, and there you open your flag.
Here is how... add that on code behind
Page.Form.Attributes["onsubmit"] = "return GoForPostBack();";
to have this attribute also rendered on your form...
<form ... onsubmit="return GoForPostBack();">
and the javascript
var IsPostingBackRightNow = false;
function GoForPostBack()
{
IsPostingBackRightNow = true;
return true;
}
setInterval(oneSecondFunction, 1000); //check for messages every 1 second
function oneSecondFunction()
{
if(!IsPostingBackRightNow)
{
$.ajax({
type: 'POST',
url: 'myurl/MessageService.asmx/GetCurrentMessage',
contentType: 'application/json; charset=utf-8',
data: JSON.stringify({ sessionid: sessionid, locale: 'en-US' }),
dataType: 'xml',
success: function (msg)
{
//show message via noty if there's a message
}
});
}
}