Appending my jsession ID at every ajax call by Jquery - javascript

I am running my web application on Weblogic
application server.I am making several ajax calls in my application via Jquery UI $ajax and other Jquery Plugins (i.e. Jquery Datatables and JSTree)
Now i need to maintain same session in all these calls.Any user in the same session should only be allowed to do this.For this i am trying to append the JSESSIONID to every ajax call.
The problem with this approach is that i don't know how to get this value in my javascript file.If i write my code in JSP ,i can do that but in javascript i do not know of a way to do this.
Please help me with a way to set it into Jquery so that it gets passed with every request.
Thanks

The best solution is to put it in a session cookie, which will be passed with the AJAX requests and can be interpreted by the server. No changes needed to any JavaScript AJAX requests.
The next would be more complicated. You could write a jQuery.ajaxSend() function that checks the request url (to make sure it's one you need to add the session ID to) and add the sessionID to the data object before the AJAX request is made.

Related

can AJAX do anything else than load a JSON file?

I'm want to (or think I need to) use AJAX to accomplish what I intend.
When clicking on a specific link in a list of links, I want to fill the HTML markup below with content of specific subpages. The data is naturally somewhere in the database and actually easily accessible with the CMS's API (I'm using Processwire).
I'm quite new to coding and especially AJAX and all documentation I find online only mention it in combination with a JSON file that would be loaded via AJAX.
However, I don't have a JSON file on the server, that means, according to my understanding, I would need to
store the data I need in a multidimensional php array,
use json_decode to create and then save that JSON-file on the server,
load that file via AJAX and process through more JS.
Let alone keep that JSON-file updated (or create a new one and delete the old one?) since new content will arrive periodically. It seems unnecessarily complicated to me, but what do I know.
There's got to be a better way…
Any help is appreciated.
AJAX is simply a way to make a request to the web server for information.
When you make an AJAX request you ask for a response from a file on a server. So, you can send an AJAX request to a PHP script for-instance.
The PHP script could return anything, JSON is common and very widely used response format, but XML might be another one you've encountered.
So, your request for information is made using AJAX, and the response you get back is JSON.
You don't need to store a JSON file on your server. You just need to make an AJAX request that returns current data in JSON format.
AJAX allows you to do asynchronous HTTP requests.
You can of course ask for a json file, but you can also (for example) call an API.
I suggest you start by reading the the getting started guide for AJAX in MDN:
https://developer.mozilla.org/en-US/docs/Web/Guide/AJAX/Getting_Started

How to pass a value to MySQL from an infinitely looping Javascript function?

I'm trying to write a simple web app that will read from a 1D barcode and insert the value to a MySQL database.
Ideally this website will access to a camera and just scan the barcodes, that are shown to it. There will be no further user interaction.
I have achieved scanning the barcodes and extracting the information in Javascript using ZXing. Now my research has shown me that you can't just insert a php inside javascript. So I must stop the infinite loop of the function and pass data to php, where it can be inserted to MySQL. However after I return from the function and update the database, I need to refresh the webpage to scan a new barcode.
The problem is here I don't want to refresh the webpage because the browser, that runs the webpage won't have any mouse/keyboard(user interaction). How can I call a javascript function infinite times without refreshing my browser?
After scaning, send data to php by ajax (try some javascript framework like jQuery or others...)
By javascript, you can refresh page in oncomplete state of ajax request without any keybord or mouse action.
I think your best chance is to take a look to javascript Ajax calls.
In client side
- The infinite loop call to a function that handles de ajax call. That ajax call should sent a GET o POST to a php page.
- You don't need to refresh the page. If you need to return some data, do it in the ajax response function.
In the server side
The .php handle the insertion of data to MySQL.
Recomendation:
Use jQuery, a javascript library: https://jquery.com/
Take a look:
Using Jquery Ajax to retrieve data from Mysql

PHP/AJAX Requests: session_start(): Cannot send sesssion cache limiter - headers already sent

I have a problem which I can not find a solution to:
After a mouse keypress (onclick="") in my web application, I call a PHP function via AJAX request. This is nothing unusual. However, the PHP function needs to access some session variables. As I call the PHP function via HTML5 onclick and AJAX request, the webpage is already rendered, which probably means the headers have already been sent.
Probably, as a result of that, I get the following error:
session_start(): Cannot send session cache limiter - headers already sent
The key information here is that my PHP function called through AJAX Request does not output anything to the browser before calling session_start().
Is there any solution to this, please? Originally, I thought, AJAX function calls are independent from rendering the webpage and I could basically call session_start() at any time via AJAX. But now, it looks to me, that I can not call session_start() from my PHP function if called with AJAX request, just because all the AJAX calls are performed after rendering the webpage and thus after sending the headers?
Client Side: HTML5, JavaScript (no jquery)
Server Side: PHP, MySQL
If you have any idea for a workaround, that would help. Because of security reasons, I do not want to pass needed parameters as POST arguments. Because of speed reasons, I do not want to access them from my MySQL database. I would really like to know, if there is a way to access session variables through AJAX calls.
What I would like to know, if it is possible to replace AJAX calls with local PHP function calls. Then, I could take advantage of PHP global variables.
Thank you.

CSRF protection when making web apps using AJAX and no inline php

Just starting to get my head around rebuilding an app so all php is
accessed via AJAX ie no inline php, in preparation for making it a
native app using Phonegap.
One thing I'm wondering - currently (as the site is now with inline php)
I use random string generation to determine if the call is coming from
my site (this is to help avoid CSRF, right)?
ie...
create rand str
chuck it in session
send it with any AJAX calls, and check it matches the one in session
How is this possible when you're not using inline php? Do I have to...
from the first AJAX call, create a rand str in php during the call,
and return it
store the str in a js var
send it back in the next AJAX
check it matches the one in session, and if so all is good
create a fresh rand str, and send it back to AJAX, ready for the next
AJAX call
?
if the above is correct, how do you know the very first AJAX call hasn't been hacked?
Thanks for your help.

Kill JQuery AJAX overlapping requests

Is it possible to kill a previous ajax request?
We have tabular data very adjacent to each other. On mouseover event of each data we are making a request to our server using JQuery Ajax object and showing in popup.
But as frequently we move mouse to other tabular contents previous Ajax responses are being displayed inside popups prior exact response being displayed which is meant for that tabular content.
I need when new Ajax request is generated previous request/response should be killed, so that always expected latest response is available inside popup.
I am using JQuery, PHP and Mysql to server the request.
Could you create a custom Javascript Sync object which would be shared by the function making subsequent ajax calls?
Assign a sequentially generated id as a parameter to the request call going in. Include the same id in response. On firing every request assign a new id, incremented by 1 or whatever logic. If the current id in response is not same as the one in shared object; ignore the response else render the response.
this would cleanly solve the race condition. I am not sure myself if there is a way to kill the request prematurely but it would at least not create rendering problem that you face now.
Another option would be not to initiate another request until the first is completed.
Yes and no. That is the point of Ajax. To be able to do something asynchronously. What you are wanting to do is to abort a request which destroys the idea of asynchronously. Perhaps what you can do is, if you send another request, set a value somewhere indicating the number of requests, then in the callbacks to your requests, check if the amount of request is higher than 1, if so ignore the response.
Check this AJAX Manager plugin. The XmlHttpRequest has an abort() function but jQuery doesn't have a wrapper for it.

Categories

Resources