SlideShare a Scribd company logo

Ajax tutorial

S
shubham509

This document provides an overview of AJAX (Asynchronous JavaScript and XML), including: - AJAX allows for interactive web applications by using a combination of technologies like XML, HTML, CSS, and JavaScript. - It allows asynchronous data retrieval from the server in the background without interfering with the display and behavior of the existing page. - Some popular websites that use AJAX include Google Maps, Google Suggest, and Gmail to provide dynamic and interactive functionality.

Engineering
1 of 27
Downloaded 24 times
1
2
3
4
5
Most read
6
7
8
9
10
11
12
Most read
13
14
15
16
17
18
19
20
21
22
Most read
23
24
25
26
27
Ajax tutorial
i AbouttheTutorial AJAX is a web development technique for creating interactive web applications. If you know JavaScript, HTML, CSS, and XML, then you need to spend just one hour to start with AJAX. Audience This tutorial will be useful for web developers who want to learn how to create interactive webpages as well as improve their speed and usability using AJAX. Prerequisites It is highly recommended that you are familiar with HTML and JavaScript before attempting this tutorial. Copyright&Disclaimer  Copyright 2015 by Tutorials Point (I) Pvt. Ltd. All the content and graphics published in this e-book are the property of Tutorials Point (I) Pvt. Ltd. The user of this e-book is prohibited to reuse, retain, copy, distribute or republish any contents or a part of contents of this e-book in any manner without written consent of the publisher. We strive to update the contents of our website and tutorials as timely and as precisely as possible, however, the contents may contain inaccuracies or errors. Tutorials Point (I) Pvt. Ltd. provides no guarantee regarding the accuracy, timeliness or completeness of our website or its contents including this tutorial. If you discover any errors on our website or in this tutorial, please notify us at contact@tutorialspoint.com
ii TableofContents About the Tutorial .....................................................................................................................................i Audience....................................................................................................................................................i Prerequisites..............................................................................................................................................i Copyright & Disclaimer ..............................................................................................................................i Table of Contents......................................................................................................................................ii 1. OVERVIEW ............................................................................................................................1 Rich Internet Application Technology .......................................................................................................1 AJAX is Based on Open Standards.............................................................................................................1 2. TECHNOLOGIES USED IN AJAX ..............................................................................................3 JavaScript..................................................................................................................................................3 DOM .........................................................................................................................................................3 CSS............................................................................................................................................................3 XMLHttpRequest.......................................................................................................................................3 3. EXAMPLES.............................................................................................................................4 Google Maps.............................................................................................................................................4 Google Suggest .........................................................................................................................................4 Gmail ........................................................................................................................................................4 Yahoo Maps (new)....................................................................................................................................4 Difference between AJAX and Conventional CGI Program ........................................................................4 4. BROWSER SUPPORT..............................................................................................................6 Writing Browser Specific Code ..................................................................................................................6 5. AJAX IN ACTION ....................................................................................................................8 Steps of AJAX Operation ...........................................................................................................................8 A Client Event Occurs................................................................................................................................8
iii The XMLHttpRequest Object is Created ....................................................................................................8 The XMLHttpRequest Object is Configured ...............................................................................................9 Making Asynchronous Request to the Webserver.....................................................................................9 Webserver Returns the Result Containing XML Document .....................................................................10 Callback Function processRequest() is Called ..........................................................................................11 The HTML DOM is Updated.....................................................................................................................11 6. XMLHTTPREQUEST..............................................................................................................13 XMLHttpRequest Methods......................................................................................................................13 XMLHttpRequest Properties ...................................................................................................................14 7. DATABASE OPERATIONS .....................................................................................................16 Client Side HTML File ..............................................................................................................................16 Server Side PHP File ................................................................................................................................19 8. SECURITY ............................................................................................................................22 AJAX Security: Server Side ......................................................................................................................22 AJAX Security: Client Side .......................................................................................................................22 9. CURRENT ISSUES.................................................................................................................23
Ajax 1 AJAX stands for Asynchronous JavaScript and XML. AJAX is a new technique for creating better, faster, and more interactive web applications with the help of XML, HTML, CSS, and Java Script.  Ajax uses XHTML for content, CSS for presentation, along with Document Object Model and JavaScript for dynamic content display.  Conventional web applications transmit information to and from the sever using synchronous requests. It means you fill out a form, hit submit, and get directed to a new page with new information from the server.  With AJAX, when you hit submit, JavaScript will make a request to the server, interpret the results, and update the current screen. In the purest sense, the user would never know that anything was even transmitted to the server.  XML is commonly used as the format for receiving server data, although any format, including plain text, can be used.  AJAX is a web browser technology independent of web server software.  A user can continue to use the application while the client program requests information from the server in the background.  Intuitive and natural user interaction. Clicking is not required, mouse movement is a sufficient event trigger.  Data-driven as opposed to page-driven. RichInternetApplicationTechnology AJAX is the most viable Rich Internet Application (RIA) technology so far. It is getting tremendous industry momentum and several tool kit and frameworks are emerging. But at the same time, AJAX has browser incompatibility and it is supported by JavaScript, which is hard to maintain and debug. AJAXisBasedonOpenStandards AJAX is based on the following open standards:  Browser-based presentation using HTML and Cascading Style Sheets (CSS).  Data is stored in XML format and fetched from the server. 1. OVERVIEW
Ajax 2  Behind-the-scenes data fetches using XMLHttpRequest objects in the browser.  JavaScript to make everything happen.
Ajax 3 AJAX cannot work independently. It is used in combination with other technologies to create interactive webpages. JavaScript  Loosely typed scripting language.  JavaScript function is called when an event occurs in a page.  Glue for the whole AJAX operation. DOM  API for accessing and manipulating structured documents.  Represents the structure of XML and HTML documents. CSS  Allows for a clear separation of the presentation style from the content and may be changed programmatically by JavaScript. XMLHttpRequest  JavaScript object that performs asynchronous interaction with the server. 2. TECHNOLOGIES USED IN AJAX
Ajax 4 Here is a list of some famous web applications that make use of AJAX. GoogleMaps A user can drag an entire map by using the mouse, rather than clicking on a button.  http://maps.google.com/ GoogleSuggest As you type, Google offers suggestions. Use the arrow keys to navigate the results.  http://www.google.com/webhp?complete=1&hl=en Gmail Gmail is a webmail built on the idea that emails can be more intuitive, efficient, and useful.  http://gmail.com/ YahooMaps(new) Now it's even easier and more fun to get where you're going!  http://maps.yahoo.com/ DifferencebetweenAJAXandConventionalCGIProgram Try these two examples one by one and you will feel the difference. While trying AJAX example, there is no discontinuity and you get the response very quickly, but when you try the standard GCI example, you would have to wait for the response and your page also gets refreshed. AJAX Example: * = Submit 3. EXAMPLES
Ajax 5 Standard Example: * = Submit NOTE: We have given a more complex example in AJAX Database.
Ajax 6 All the available browsers cannot support AJAX. Here is a list of major browsers that support AJAX.  Mozilla Firefox 1.0 and above.  Netscape version 7.1 and above.  Apple Safari 1.2 and above.  Microsoft Internet Explorer 5 and above.  Konqueror.  Opera 7.6 and above. When you write your next application, do consider the browsers that do not support AJAX. NOTE: When we say that a browser does not support AJAX, it simply means that the browser does not support the creation of Javascript object – XMLHttpRequest object. WritingBrowserSpecificCode The simplest way to make your source code compatible with a browser is to use try...catch blocks in your JavaScript. <html> <body> <script language="javascript" type="text/javascript"> <!-- //Browser Support Code function ajaxFunction(){ var ajaxRequest; // The variable that makes Ajax possible! try{ // Opera 8.0+, Firefox, Safari ajaxRequest = new XMLHttpRequest(); }catch (e){ // Internet Explorer Browsers 4. BROWSER SUPPORT
Ajax 7 try{ ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP"); }catch (e) { try{ ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP"); }catch (e){ // Something went wrong alert("Your browser broke!"); return false; } } } } //--> </script> <form name='myForm'> Name: <input type='text' name='username' /> <br /> Time: <input type='text' name='time' /> </form> </body> </html> In the above JavaScript code, we try three times to make our XMLHttpRequest object. Our first attempt:  ajaxRequest = new XMLHttpRequest(); It is for Opera 8.0+, Firefox, and Safari browsers. If it fails, we try two more times to make the correct object for an Internet Explorer browser with:  ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP");  ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP"); If it doesn't work, then we can use a very outdated browser that doesn't support XMLHttpRequest, which also means it doesn't support AJAX. Most likely though, our variable ajaxRequest will now be set to whatever XMLHttpRequest standard the browser uses and we can start sending data to the server. The step-wise AJAX workflow is explained in the next chapter.
Ajax 8 This chapter gives you a clear picture of the exact steps of AJAX operation. StepsofAJAXOperation 1. A client event occurs. 2. An XMLHttpRequest object is created. 3. The XMLHttpRequest object is configured. 4. The XMLHttpRequest object makes an asynchronous request to the Webserver. 5. The Webserver returns the result containing XML document. 6. The XMLHttpRequest object calls the callback() function and processes the result. 7. The HTML DOM is updated. Let us take these steps one by one. AClientEventOccurs  A JavaScript function is called as the result of an event.  Example: validateUserId() JavaScript function is mapped as an event handler to an onkeyup event on input form field whose id is set to "userid".  <input type="text" size="20" id="userid" name="id" onkeyup="validateUserId();">. TheXMLHttpRequestObjectisCreated var ajaxRequest; // The variable that makes Ajax possible! function ajaxFunction(){ try{ // Opera 8.0+, Firefox, Safari ajaxRequest = new XMLHttpRequest(); }catch (e){ // Internet Explorer Browsers 5. AJAX IN ACTION
Ajax 9 try{ ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP"); }catch (e) { try{ ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP"); }catch (e){ // Something went wrong alert("Your browser broke!"); return false; } } } } TheXMLHttpRequestObjectisConfigured In this step, we will write a function that will be triggered by the client event and a callback function processRequest() will be registered. function validateUserId() { ajaxFunction(); // Here processRequest() is the callback function. ajaxRequest.onreadystatechange = processRequest; if (!target) target = document.getElementById("userid"); var url = "validate?id=" + escape(target.value); ajaxRequest.open("GET", url, true); ajaxRequest.send(null); } MakingAsynchronousRequesttotheWebserver Source code is available in the above piece of code. Code written in bold typeface is responsible to make a request to the webserver. This is all being done using the XMLHttpRequest object ajaxRequest.
Ajax 10 function validateUserId() { ajaxFunction(); // Here processRequest() is the callback function. ajaxRequest.onreadystatechange = processRequest; if (!target) target = document.getElementById("userid"); var url = "validate?id=" + escape(target.value); ajaxRequest.open("GET", url, true); ajaxRequest.send(null); } Assume you enter Zara in the userid box, then in the above request, the URL is set to "validate?id=Zara". WebserverReturnstheResultContainingXMLDocument You can implement your server-side script in any language, however its logic should be as follows.  Get a request from the client.  Parse the input from the client.  Do required processing.  Send the output to the client. If we assume that you are going to write a servlet, then here is the piece of code. public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { String targetId = request.getParameter("id"); if ((targetId != null) && !accounts.containsKey(targetId.trim())) { response.setContentType("text/xml"); response.setHeader("Cache-Control", "no-cache"); response.getWriter().write("true"); }
Ajax 11 else { response.setContentType("text/xml"); response.setHeader("Cache-Control", "no-cache"); response.getWriter().write("false"); } } CallbackFunctionprocessRequest()isCalled The XMLHttpRequest object was configured to call the processRequest() function when there is a state change to the readyState of the XMLHttpRequest object. Now this function will receive the result from the server and will do the required processing. As in the following example, it sets a variable message on true or false based on the returned value from the Webserver. function processRequest() { if (req.readyState == 4) { if (req.status == 200) { var message = ...; ... } TheHTMLDOMisUpdated This is the final step and in this step, your HTML page will be updated. It happens in the following way:  JavaScript gets a reference to any element in a page using DOM API.  The recommended way to gain a reference to an element is to call. document.getElementById("userIdMessage"), // where "userIdMessage" is the ID attribute // of an element appearing in the HTML document  JavaScript may now be used to modify the element's attributes; modify the element's style properties; or add, remove, or modify the child elements. Here is an example: <script type="text/javascript">
Ajax 12 <!-- function setMessageUsingDOM(message) { var userMessageElement = document.getElementById("userIdMessage"); var messageText; if (message == "false") { userMessageElement.style.color = "red"; messageText = "Invalid User Id"; } else { userMessageElement.style.color = "green"; messageText = "Valid User Id"; } var messageBody = document.createTextNode(messageText); // if the messageBody element has been created simple // replace it otherwise append the new element if (userMessageElement.childNodes[0]) { userMessageElement.replaceChild(messageBody, userMessageElement.childNodes[0]); } else { userMessageElement.appendChild(messageBody); } } --> </script> <body> <div id="userIdMessage"><div> </body> If you have understood the above-mentioned seven steps, then you are almost done with AJAX. In the next chapter, we will see XMLHttpRequest object in detail.
Ajax 13 The XMLHttpRequest object is the key to AJAX. It has been available ever since Internet Explorer 5.5 was released in July 2000, but was not fully discovered until AJAX and Web 2.0 in 2005 became popular. XMLHttpRequest (XHR) is an API that can be used by JavaScript, JScript, VBScript, and other web browser scripting languages to transfer and manipulate XML data to and from a webserver using HTTP, establishing an independent connection channel between a webpage's Client-Side and Server-Side. The data returned from XMLHttpRequest calls will often be provided by back-end databases. Besides XML, XMLHttpRequest can be used to fetch data in other formats, e.g. JSON or even plain text. You already have seen a couple of examples on how to create an XMLHttpRequest object. Listed below are some of the methods and properties that you have to get familiar with. XMLHttpRequestMethods  abort() Cancels the current request.  getAllResponseHeaders() Returns the complete set of HTTP headers as a string.  getResponseHeader( headerName ) Returns the value of the specified HTTP header.  open( method, URL )  open( method, URL, async )  open( method, URL, async, userName )  open( method, URL, async, userName, password ) Specifies the method, URL, and other optional attributes of a request. 6. XMLHTTPREQUEST
Ajax 14 The method parameter can have a value of "GET", "POST", or "HEAD". Other HTTP methods such as "PUT" and "DELETE" (primarily used in REST applications) may be possible. The "async" parameter specifies whether the request should be handled asynchronously or not. "true" means that the script processing carries on after the send() method without waiting for a response, and "false" means that the script waits for a response before continuing script processing.  send( content ) Sends the request.  setRequestHeader( label, value ) Adds a label/value pair to the HTTP header to be sent. XMLHttpRequestProperties  onreadystatechange An event handler for an event that fires at every state change.  readyState The readyState property defines the current state of the XMLHttpRequest object. The following table provides a list of the possible values for the readyState property: State Description 0 The request is not initialized. 1 The request has been set up. 2 The request has been sent. 3 The request is in process. 4 The request is completed. readyState = 0 – After you have created the XMLHttpRequest object, but before you have called the open() method.
Ajax 15 readyState = 1 After you have called the open() method, but before you have called send(). readyState = 2 After you have called send(). readyState = 3 After the browser has established a communication with the server, but before the server has completed the response. readyState = 4 After the request has been completed, and the response data has been completely received from the server.  responseText Returns the response as a string.  responseXML Returns the response as XML. This property returns an XML document object, which can be examined and parsed using the W3C DOM node tree methods and properties.  status Returns the status as a number (e.g., 404 for "Not Found" and 200 for "OK").  statusText Returns the status as a string (e.g., "Not Found" or "OK").
Ajax 16 To clearly illustrate how easy it is to access information from a database using AJAX, we are going to build MySQL queries on the fly and display the results on "ajax.html". But before we proceed, let us do the ground work. Create a table using the following command. NOTE: We are assuming you have sufficient privilege to perform the following MySQL operations. CREATE TABLE 'ajax_example' ( 'name' varchar(50) NOT NULL, 'age' int(11) NOT NULL, 'sex' varchar(1) NOT NULL, 'wpm' int(11) NOT NULL, PRIMARY KEY ('name') ) Now dump the following data into this table using the following SQL statements: INSERT INTO 'ajax_example' VALUES ('Jerry', 120, 'm', 20); INSERT INTO 'ajax_example' VALUES ('Regis', 75, 'm', 44); INSERT INTO 'ajax_example' VALUES ('Frank', 45, 'm', 87); INSERT INTO 'ajax_example' VALUES ('Jill', 22, 'f', 72); INSERT INTO 'ajax_example' VALUES ('Tracy', 27, 'f', 0); INSERT INTO 'ajax_example' VALUES ('Julie', 35, 'f', 90); ClientSideHTMLFile Now let us have our client side HTML file, which is ajax.html, and it will have the following code: <html> <body> <script language="javascript" type="text/javascript"> <!-- //Browser Support Code 7. DATABASE OPERATIONS
Ajax 17 function ajaxFunction(){ var ajaxRequest; // The variable that makes Ajax possible! try{ // Opera 8.0+, Firefox, Safari ajaxRequest = new XMLHttpRequest(); }catch (e){ // Internet Explorer Browsers try{ ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP"); }catch (e) { try{ ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP"); }catch (e){ // Something went wrong alert("Your browser broke!"); return false; } } } // Create a function that will receive data // sent from the server and will update // div section in the same page. ajaxRequest.onreadystatechange = function(){ if(ajaxRequest.readyState == 4){ var ajaxDisplay = document.getElementById('ajaxDiv'); ajaxDisplay.innerHTML = ajaxRequest.responseText; } } // Now get the value from user and pass it to // server script. var age = document.getElementById('age').value; var wpm = document.getElementById('wpm').value; var sex = document.getElementById('sex').value;
Ajax 18 var queryString = "?age=" + age ; queryString += "&wpm=" + wpm + "&sex=" + sex; ajaxRequest.open("GET", "ajax-example.php" + queryString, true); ajaxRequest.send(null); } //--> </script> <form name='myForm'> Max Age: <input type='text' id='age' /> <br /> Max WPM: <input type='text' id='wpm' /> <br /> Sex: <select id='sex'> <option value="m">m</option> <option value="f">f</option> </select> <input type='button' onclick='ajaxFunction()' value='Query MySQL'/> </form> <div id='ajaxDiv'>Your result will display here</div> </body> </html> NOTE: The way of passing variables in the Query is according to HTTP standard and have formA. URL?variable1=value1;&variable2=value2; The above code will give you a screen as given below:
Ajax 19 Max Age: Max WPM: Sex: Your result will display here in this section after you have made your entry. NOTE: This is a dummy screen. ServerSidePHPFile Your client-side script is ready. Now, we have to write our server-side script, which will fetch age, wpm, and sex from the database and will send it back to the client. Put the following code into the file "ajax-example.php". <?php $dbhost = "localhost"; $dbuser = "dbusername"; $dbpass = "dbpassword"; $dbname = "dbname"; //Connect to MySQL Server mysql_connect($dbhost, $dbuser, $dbpass); //Select Database mysql_select_db($dbname) or die(mysql_error()); // Retrieve data from Query String $age = $_GET['age']; $sex = $_GET['sex']; $wpm = $_GET['wpm']; // Escape User Input to help prevent SQL Injection
Ajax 20 $age = mysql_real_escape_string($age); $sex = mysql_real_escape_string($sex); $wpm = mysql_real_escape_string($wpm); //build query $query = "SELECT * FROM ajax_example WHERE sex = '$sex'"; if(is_numeric($age)) $query .= " AND age <= $age"; if(is_numeric($wpm)) $query .= " AND wpm <= $wpm"; //Execute query $qry_result = mysql_query($query) or die(mysql_error()); //Build Result String $display_string = "<table>"; $display_string .= "<tr>"; $display_string .= "<th>Name</th>"; $display_string .= "<th>Age</th>"; $display_string .= "<th>Sex</th>"; $display_string .= "<th>WPM</th>"; $display_string .= "</tr>"; // Insert a new row in the table for each person returned while($row = mysql_fetch_array($qry_result)){ $display_string .= "<tr>"; $display_string .= "<td>$row[name]</td>"; $display_string .= "<td>$row[age]</td>"; $display_string .= "<td>$row[sex]</td>"; $display_string .= "<td>$row[wpm]</td>"; $display_string .= "</tr>"; } echo "Query: " . $query . "<br />";
Ajax 21 $display_string .= "</table>"; echo $display_string; ?> Now try by entering a valid value (e.g., 120) in Max Age or any other box and then click Query MySQL button. Max Age: Max WPM: Sex: Your result will display here in this section after you have made your entry. If you have successfully completed this lesson, then you know how to use MySQL, PHP, HTML, and Javascript in tandem to write AJAX applications.
Ajax 22 AJAXSecurity:ServerSide  AJAX-based Web applications use the same server-side security schemes of regular Web applications.  You specify authentication, authorization, and data protection requirements in your web.xml file (declarative) or in your program (programmatic).  AJAX-based Web applications are subject to the same security threats as regular Web applications. AJAXSecurity:ClientSide  JavaScript code is visible to a user/hacker. Hacker can use JavaScript code for inferring server-side weaknesses.  JavaScript code is downloaded from the server and executed ("eval") at the client and can compromise the client by mal-intended code.  Downloaded JavaScript code is constrained by the sand-box security model and can be relaxed for signed JavaScript. 8. SECURITY
Ajax 23 AJAX is growing very fast and that is the reason that it contains many issues with it. We hope with the passes of time, they will be resolved and AJAX will become ideal for web applications. We are listing down a few issues that AJAX currently suffers from. Complexity is increased  Server-side developers will need to understand that presentation logic will be required in the HTML client pages as well as in the server-side logic.  Page developers must have JavaScript technology skills. AJAX-based applications can be difficult to debug, test, and maintain  JavaScript is hard to test - automatic testing is hard.  Weak modularity in JavaScript.  Lack of design patterns or best practice guidelines yet. Toolkits/Frameworks are not mature yet  Most of them are in beta phase. No standardization of the XMLHttpRequest yet  Future version of IE will address this. No support of XMLHttpRequest in old browsers  Iframe will help. JavaScript technology dependency and incompatibility  Must be enabled for applications to function.  Still some browser incompatibilities exist. JavaScript code is visible to a hacker  Poorly designed JavaScript code can invite security problems. 9. CURRENT ISSUES

More Related Content

PPTX
Adaptation of Evidence-based Interventions and De-Implementation of Ineffecti...
HopkinsCFAR
 
DOCX
Tarea 3... Teologiza Aplicada
Glenis Contreras
 
PDF
Autism Breakthrough with ABA Method
Doris J Barnes
 
PDF
Sbi icollect
shubham509
 
PDF
Ajax
Usman Khan
 
PPT
Ajax: User Experience
petrov
 
PPT
Ajax Ppt 1
JayaPrakash.m
 
PPT
Ajax & ASP.NET 2
Talal Alsubaie
 
Adaptation of Evidence-based Interventions and De-Implementation of Ineffecti...
HopkinsCFAR
 
Tarea 3... Teologiza Aplicada
Glenis Contreras
 
Autism Breakthrough with ABA Method
Doris J Barnes
 
Sbi icollect
shubham509
 
Ajax
Usman Khan
 
Ajax: User Experience
petrov
 
Ajax Ppt 1
JayaPrakash.m
 
Ajax & ASP.NET 2
Talal Alsubaie
 

Similar to Ajax tutorial (20)

PPTX
Ajax and Jquery
People Strategists
 
PPTX
Ajax
Anaghabalakrishnan
 
PPTX
Ajax assignment help
john mayer
 
PPT
Ajax
devisp
 
PPT
Careers in Java Script and Ajax
learningcatalyst
 
PPT
Rob Tweed :: Ajax and the Impact on Caché and Similar Technologies
george.james
 
PPT
M Ramya
st anns PG College,Mallapur,Hyderabad, India
 
PPT
Ajax Presentation
alaa.moustafa
 
PPT
Advantages and disadvantages of an ajax based client application
Placinta Alin
 
PDF
AJAX vs. jQuery What Are The Differences.pdf
Laura Miller
 
PPT
Ajax
baabtra.com - No. 1 supplier of quality freshers
 
PPT
Ajax Testing Approach
HarshaVJoshi
 
PPT
Ajax Testing Approach
HarshJ
 
PPTX
Eric Beland Ajax Load Testing Considerations
Ajax Experience 2009
 
PPT
Careers In Java Script Ajax - Java Script Ajax Tutorials & Programs by Learni...
S P Jain Institute of Management & Research (SPJIMR)
 
ODP
Ajax Basics And Framework
shivas
 
PPTX
Ajax Load Testing Concerns By Eric Beland
Testomatix
 
PPT
Ajax Abuse Todcon2008
Jesse Rodgers
 
PPT
Ajax
Shivam Jaiswal
 
PPT
ASP.NET AJAX with Visual Studio 2008
Caleb Jenkins
 
Ajax and Jquery
People Strategists
 
Ajax
Anaghabalakrishnan
 
Ajax assignment help
john mayer
 
Ajax
devisp
 
Careers in Java Script and Ajax
learningcatalyst
 
Rob Tweed :: Ajax and the Impact on Caché and Similar Technologies
george.james
 
M Ramya
st anns PG College,Mallapur,Hyderabad, India
 
Ajax Presentation
alaa.moustafa
 
Advantages and disadvantages of an ajax based client application
Placinta Alin
 
AJAX vs. jQuery What Are The Differences.pdf
Laura Miller
 
Ajax
baabtra.com - No. 1 supplier of quality freshers
 
Ajax Testing Approach
HarshaVJoshi
 
Ajax Testing Approach
HarshJ
 
Eric Beland Ajax Load Testing Considerations
Ajax Experience 2009
 
Careers In Java Script Ajax - Java Script Ajax Tutorials & Programs by Learni...
S P Jain Institute of Management & Research (SPJIMR)
 
Ajax Basics And Framework
shivas
 
Ajax Load Testing Concerns By Eric Beland
Testomatix
 
Ajax Abuse Todcon2008
Jesse Rodgers
 
Ajax
Shivam Jaiswal
 
ASP.NET AJAX with Visual Studio 2008
Caleb Jenkins
 
Ad

Recently uploaded (20)

PPTX
CH1 Production IntroductoryConcepts.pptx
RacemMellouli1
 
PPTX
MCN 401 KTU-2019-PPE KITS-MODULE 2.pptx
VinayB68
 
PPTX
Welding lecture in detail for understanding
sahilpoonia10
 
PPT
Mechanical Engineering MATERIALS Selection
arsalanahmad705384
 
PPTX
M Tech Sem 1 Civil Engineering Environmental Sciences.pptx
ShriNRPrasad
 
PDF
Operating System & Kernel Study Guide-1 - converted.pdf
mranoninvisib16
 
PPTX
CYBER-CRIMES AND SECURITY A guide to understanding
Davies Chacko
 
PDF
Embodied AI: Ushering in the Next Era of Intelligent Systems
Yu Huang
 
PDF
keyrequirementskkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
mojeeburahmanwardak
 
PPTX
UNIT-1 - COAL BASED THERMAL POWER PLANTS
Chandra Kumar S
 
PDF
BMEC211 - INTRODUCTION TO MECHATRONICS-1.pdf
ryankakungu
 
PPTX
Internet of Things (IOT) - A guide to understanding
Davies Chacko
 
PDF
Automation-in-Manufacturing-Chapter-Introduction.pdf
pcmth867
 
PPTX
MET 305 2019 SCHEME MODULE 2 COMPLETE.pptx
VinayB68
 
PDF
Mitigating Risks through Effective Management for Enhancing Organizational Pe...
IJAEMSJORNAL
 
PPTX
Recipes for Real Time Voice AI WebRTC, SLMs and Open Source Software.pptx
Alberto González Trastoy
 
DOCX
573137875-Attendance-Management-System-original
AYUSHMANAV
 
PPTX
bas. eng. economics group 4 presentation 1.pptx
kiribakimoses1993
 
PPTX
KTU 2019 -S7-MCN 401 MODULE 2-VINAY.pptx
VinayB68
 
PDF
composite construction of structures.pdf
AinieButt1
 
CH1 Production IntroductoryConcepts.pptx
RacemMellouli1
 
MCN 401 KTU-2019-PPE KITS-MODULE 2.pptx
VinayB68
 
Welding lecture in detail for understanding
sahilpoonia10
 
Mechanical Engineering MATERIALS Selection
arsalanahmad705384
 
M Tech Sem 1 Civil Engineering Environmental Sciences.pptx
ShriNRPrasad
 
Operating System & Kernel Study Guide-1 - converted.pdf
mranoninvisib16
 
CYBER-CRIMES AND SECURITY A guide to understanding
Davies Chacko
 
Embodied AI: Ushering in the Next Era of Intelligent Systems
Yu Huang
 
keyrequirementskkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
mojeeburahmanwardak
 
UNIT-1 - COAL BASED THERMAL POWER PLANTS
Chandra Kumar S
 
BMEC211 - INTRODUCTION TO MECHATRONICS-1.pdf
ryankakungu
 
Internet of Things (IOT) - A guide to understanding
Davies Chacko
 
Automation-in-Manufacturing-Chapter-Introduction.pdf
pcmth867
 
MET 305 2019 SCHEME MODULE 2 COMPLETE.pptx
VinayB68
 
Mitigating Risks through Effective Management for Enhancing Organizational Pe...
IJAEMSJORNAL
 
Recipes for Real Time Voice AI WebRTC, SLMs and Open Source Software.pptx
Alberto González Trastoy
 
573137875-Attendance-Management-System-original
AYUSHMANAV
 
bas. eng. economics group 4 presentation 1.pptx
kiribakimoses1993
 
KTU 2019 -S7-MCN 401 MODULE 2-VINAY.pptx
VinayB68
 
composite construction of structures.pdf
AinieButt1
 
Ad

Ajax tutorial

  • 2. i AbouttheTutorial AJAX is a web development technique for creating interactive web applications. If you know JavaScript, HTML, CSS, and XML, then you need to spend just one hour to start with AJAX. Audience This tutorial will be useful for web developers who want to learn how to create interactive webpages as well as improve their speed and usability using AJAX. Prerequisites It is highly recommended that you are familiar with HTML and JavaScript before attempting this tutorial. Copyright&Disclaimer  Copyright 2015 by Tutorials Point (I) Pvt. Ltd. All the content and graphics published in this e-book are the property of Tutorials Point (I) Pvt. Ltd. The user of this e-book is prohibited to reuse, retain, copy, distribute or republish any contents or a part of contents of this e-book in any manner without written consent of the publisher. We strive to update the contents of our website and tutorials as timely and as precisely as possible, however, the contents may contain inaccuracies or errors. Tutorials Point (I) Pvt. Ltd. provides no guarantee regarding the accuracy, timeliness or completeness of our website or its contents including this tutorial. If you discover any errors on our website or in this tutorial, please notify us at contact@tutorialspoint.com
  • 3. ii TableofContents About the Tutorial .....................................................................................................................................i Audience....................................................................................................................................................i Prerequisites..............................................................................................................................................i Copyright & Disclaimer ..............................................................................................................................i Table of Contents......................................................................................................................................ii 1. OVERVIEW ............................................................................................................................1 Rich Internet Application Technology .......................................................................................................1 AJAX is Based on Open Standards.............................................................................................................1 2. TECHNOLOGIES USED IN AJAX ..............................................................................................3 JavaScript..................................................................................................................................................3 DOM .........................................................................................................................................................3 CSS............................................................................................................................................................3 XMLHttpRequest.......................................................................................................................................3 3. EXAMPLES.............................................................................................................................4 Google Maps.............................................................................................................................................4 Google Suggest .........................................................................................................................................4 Gmail ........................................................................................................................................................4 Yahoo Maps (new)....................................................................................................................................4 Difference between AJAX and Conventional CGI Program ........................................................................4 4. BROWSER SUPPORT..............................................................................................................6 Writing Browser Specific Code ..................................................................................................................6 5. AJAX IN ACTION ....................................................................................................................8 Steps of AJAX Operation ...........................................................................................................................8 A Client Event Occurs................................................................................................................................8
  • 4. iii The XMLHttpRequest Object is Created ....................................................................................................8 The XMLHttpRequest Object is Configured ...............................................................................................9 Making Asynchronous Request to the Webserver.....................................................................................9 Webserver Returns the Result Containing XML Document .....................................................................10 Callback Function processRequest() is Called ..........................................................................................11 The HTML DOM is Updated.....................................................................................................................11 6. XMLHTTPREQUEST..............................................................................................................13 XMLHttpRequest Methods......................................................................................................................13 XMLHttpRequest Properties ...................................................................................................................14 7. DATABASE OPERATIONS .....................................................................................................16 Client Side HTML File ..............................................................................................................................16 Server Side PHP File ................................................................................................................................19 8. SECURITY ............................................................................................................................22 AJAX Security: Server Side ......................................................................................................................22 AJAX Security: Client Side .......................................................................................................................22 9. CURRENT ISSUES.................................................................................................................23
  • 5. Ajax 1 AJAX stands for Asynchronous JavaScript and XML. AJAX is a new technique for creating better, faster, and more interactive web applications with the help of XML, HTML, CSS, and Java Script.  Ajax uses XHTML for content, CSS for presentation, along with Document Object Model and JavaScript for dynamic content display.  Conventional web applications transmit information to and from the sever using synchronous requests. It means you fill out a form, hit submit, and get directed to a new page with new information from the server.  With AJAX, when you hit submit, JavaScript will make a request to the server, interpret the results, and update the current screen. In the purest sense, the user would never know that anything was even transmitted to the server.  XML is commonly used as the format for receiving server data, although any format, including plain text, can be used.  AJAX is a web browser technology independent of web server software.  A user can continue to use the application while the client program requests information from the server in the background.  Intuitive and natural user interaction. Clicking is not required, mouse movement is a sufficient event trigger.  Data-driven as opposed to page-driven. RichInternetApplicationTechnology AJAX is the most viable Rich Internet Application (RIA) technology so far. It is getting tremendous industry momentum and several tool kit and frameworks are emerging. But at the same time, AJAX has browser incompatibility and it is supported by JavaScript, which is hard to maintain and debug. AJAXisBasedonOpenStandards AJAX is based on the following open standards:  Browser-based presentation using HTML and Cascading Style Sheets (CSS).  Data is stored in XML format and fetched from the server. 1. OVERVIEW
  • 6. Ajax 2  Behind-the-scenes data fetches using XMLHttpRequest objects in the browser.  JavaScript to make everything happen.
  • 7. Ajax 3 AJAX cannot work independently. It is used in combination with other technologies to create interactive webpages. JavaScript  Loosely typed scripting language.  JavaScript function is called when an event occurs in a page.  Glue for the whole AJAX operation. DOM  API for accessing and manipulating structured documents.  Represents the structure of XML and HTML documents. CSS  Allows for a clear separation of the presentation style from the content and may be changed programmatically by JavaScript. XMLHttpRequest  JavaScript object that performs asynchronous interaction with the server. 2. TECHNOLOGIES USED IN AJAX
  • 8. Ajax 4 Here is a list of some famous web applications that make use of AJAX. GoogleMaps A user can drag an entire map by using the mouse, rather than clicking on a button.  http://maps.google.com/ GoogleSuggest As you type, Google offers suggestions. Use the arrow keys to navigate the results.  http://www.google.com/webhp?complete=1&hl=en Gmail Gmail is a webmail built on the idea that emails can be more intuitive, efficient, and useful.  http://gmail.com/ YahooMaps(new) Now it's even easier and more fun to get where you're going!  http://maps.yahoo.com/ DifferencebetweenAJAXandConventionalCGIProgram Try these two examples one by one and you will feel the difference. While trying AJAX example, there is no discontinuity and you get the response very quickly, but when you try the standard GCI example, you would have to wait for the response and your page also gets refreshed. AJAX Example: * = Submit 3. EXAMPLES
  • 9. Ajax 5 Standard Example: * = Submit NOTE: We have given a more complex example in AJAX Database.
  • 10. Ajax 6 All the available browsers cannot support AJAX. Here is a list of major browsers that support AJAX.  Mozilla Firefox 1.0 and above.  Netscape version 7.1 and above.  Apple Safari 1.2 and above.  Microsoft Internet Explorer 5 and above.  Konqueror.  Opera 7.6 and above. When you write your next application, do consider the browsers that do not support AJAX. NOTE: When we say that a browser does not support AJAX, it simply means that the browser does not support the creation of Javascript object – XMLHttpRequest object. WritingBrowserSpecificCode The simplest way to make your source code compatible with a browser is to use try...catch blocks in your JavaScript. <html> <body> <script language="javascript" type="text/javascript"> <!-- //Browser Support Code function ajaxFunction(){ var ajaxRequest; // The variable that makes Ajax possible! try{ // Opera 8.0+, Firefox, Safari ajaxRequest = new XMLHttpRequest(); }catch (e){ // Internet Explorer Browsers 4. BROWSER SUPPORT
  • 11. Ajax 7 try{ ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP"); }catch (e) { try{ ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP"); }catch (e){ // Something went wrong alert("Your browser broke!"); return false; } } } } //--> </script> <form name='myForm'> Name: <input type='text' name='username' /> <br /> Time: <input type='text' name='time' /> </form> </body> </html> In the above JavaScript code, we try three times to make our XMLHttpRequest object. Our first attempt:  ajaxRequest = new XMLHttpRequest(); It is for Opera 8.0+, Firefox, and Safari browsers. If it fails, we try two more times to make the correct object for an Internet Explorer browser with:  ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP");  ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP"); If it doesn't work, then we can use a very outdated browser that doesn't support XMLHttpRequest, which also means it doesn't support AJAX. Most likely though, our variable ajaxRequest will now be set to whatever XMLHttpRequest standard the browser uses and we can start sending data to the server. The step-wise AJAX workflow is explained in the next chapter.
  • 12. Ajax 8 This chapter gives you a clear picture of the exact steps of AJAX operation. StepsofAJAXOperation 1. A client event occurs. 2. An XMLHttpRequest object is created. 3. The XMLHttpRequest object is configured. 4. The XMLHttpRequest object makes an asynchronous request to the Webserver. 5. The Webserver returns the result containing XML document. 6. The XMLHttpRequest object calls the callback() function and processes the result. 7. The HTML DOM is updated. Let us take these steps one by one. AClientEventOccurs  A JavaScript function is called as the result of an event.  Example: validateUserId() JavaScript function is mapped as an event handler to an onkeyup event on input form field whose id is set to "userid".  <input type="text" size="20" id="userid" name="id" onkeyup="validateUserId();">. TheXMLHttpRequestObjectisCreated var ajaxRequest; // The variable that makes Ajax possible! function ajaxFunction(){ try{ // Opera 8.0+, Firefox, Safari ajaxRequest = new XMLHttpRequest(); }catch (e){ // Internet Explorer Browsers 5. AJAX IN ACTION
  • 13. Ajax 9 try{ ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP"); }catch (e) { try{ ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP"); }catch (e){ // Something went wrong alert("Your browser broke!"); return false; } } } } TheXMLHttpRequestObjectisConfigured In this step, we will write a function that will be triggered by the client event and a callback function processRequest() will be registered. function validateUserId() { ajaxFunction(); // Here processRequest() is the callback function. ajaxRequest.onreadystatechange = processRequest; if (!target) target = document.getElementById("userid"); var url = "validate?id=" + escape(target.value); ajaxRequest.open("GET", url, true); ajaxRequest.send(null); } MakingAsynchronousRequesttotheWebserver Source code is available in the above piece of code. Code written in bold typeface is responsible to make a request to the webserver. This is all being done using the XMLHttpRequest object ajaxRequest.
  • 14. Ajax 10 function validateUserId() { ajaxFunction(); // Here processRequest() is the callback function. ajaxRequest.onreadystatechange = processRequest; if (!target) target = document.getElementById("userid"); var url = "validate?id=" + escape(target.value); ajaxRequest.open("GET", url, true); ajaxRequest.send(null); } Assume you enter Zara in the userid box, then in the above request, the URL is set to "validate?id=Zara". WebserverReturnstheResultContainingXMLDocument You can implement your server-side script in any language, however its logic should be as follows.  Get a request from the client.  Parse the input from the client.  Do required processing.  Send the output to the client. If we assume that you are going to write a servlet, then here is the piece of code. public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { String targetId = request.getParameter("id"); if ((targetId != null) && !accounts.containsKey(targetId.trim())) { response.setContentType("text/xml"); response.setHeader("Cache-Control", "no-cache"); response.getWriter().write("true"); }
  • 15. Ajax 11 else { response.setContentType("text/xml"); response.setHeader("Cache-Control", "no-cache"); response.getWriter().write("false"); } } CallbackFunctionprocessRequest()isCalled The XMLHttpRequest object was configured to call the processRequest() function when there is a state change to the readyState of the XMLHttpRequest object. Now this function will receive the result from the server and will do the required processing. As in the following example, it sets a variable message on true or false based on the returned value from the Webserver. function processRequest() { if (req.readyState == 4) { if (req.status == 200) { var message = ...; ... } TheHTMLDOMisUpdated This is the final step and in this step, your HTML page will be updated. It happens in the following way:  JavaScript gets a reference to any element in a page using DOM API.  The recommended way to gain a reference to an element is to call. document.getElementById("userIdMessage"), // where "userIdMessage" is the ID attribute // of an element appearing in the HTML document  JavaScript may now be used to modify the element's attributes; modify the element's style properties; or add, remove, or modify the child elements. Here is an example: <script type="text/javascript">
  • 16. Ajax 12 <!-- function setMessageUsingDOM(message) { var userMessageElement = document.getElementById("userIdMessage"); var messageText; if (message == "false") { userMessageElement.style.color = "red"; messageText = "Invalid User Id"; } else { userMessageElement.style.color = "green"; messageText = "Valid User Id"; } var messageBody = document.createTextNode(messageText); // if the messageBody element has been created simple // replace it otherwise append the new element if (userMessageElement.childNodes[0]) { userMessageElement.replaceChild(messageBody, userMessageElement.childNodes[0]); } else { userMessageElement.appendChild(messageBody); } } --> </script> <body> <div id="userIdMessage"><div> </body> If you have understood the above-mentioned seven steps, then you are almost done with AJAX. In the next chapter, we will see XMLHttpRequest object in detail.
  • 17. Ajax 13 The XMLHttpRequest object is the key to AJAX. It has been available ever since Internet Explorer 5.5 was released in July 2000, but was not fully discovered until AJAX and Web 2.0 in 2005 became popular. XMLHttpRequest (XHR) is an API that can be used by JavaScript, JScript, VBScript, and other web browser scripting languages to transfer and manipulate XML data to and from a webserver using HTTP, establishing an independent connection channel between a webpage's Client-Side and Server-Side. The data returned from XMLHttpRequest calls will often be provided by back-end databases. Besides XML, XMLHttpRequest can be used to fetch data in other formats, e.g. JSON or even plain text. You already have seen a couple of examples on how to create an XMLHttpRequest object. Listed below are some of the methods and properties that you have to get familiar with. XMLHttpRequestMethods  abort() Cancels the current request.  getAllResponseHeaders() Returns the complete set of HTTP headers as a string.  getResponseHeader( headerName ) Returns the value of the specified HTTP header.  open( method, URL )  open( method, URL, async )  open( method, URL, async, userName )  open( method, URL, async, userName, password ) Specifies the method, URL, and other optional attributes of a request. 6. XMLHTTPREQUEST
  • 18. Ajax 14 The method parameter can have a value of "GET", "POST", or "HEAD". Other HTTP methods such as "PUT" and "DELETE" (primarily used in REST applications) may be possible. The "async" parameter specifies whether the request should be handled asynchronously or not. "true" means that the script processing carries on after the send() method without waiting for a response, and "false" means that the script waits for a response before continuing script processing.  send( content ) Sends the request.  setRequestHeader( label, value ) Adds a label/value pair to the HTTP header to be sent. XMLHttpRequestProperties  onreadystatechange An event handler for an event that fires at every state change.  readyState The readyState property defines the current state of the XMLHttpRequest object. The following table provides a list of the possible values for the readyState property: State Description 0 The request is not initialized. 1 The request has been set up. 2 The request has been sent. 3 The request is in process. 4 The request is completed. readyState = 0 – After you have created the XMLHttpRequest object, but before you have called the open() method.
  • 19. Ajax 15 readyState = 1 After you have called the open() method, but before you have called send(). readyState = 2 After you have called send(). readyState = 3 After the browser has established a communication with the server, but before the server has completed the response. readyState = 4 After the request has been completed, and the response data has been completely received from the server.  responseText Returns the response as a string.  responseXML Returns the response as XML. This property returns an XML document object, which can be examined and parsed using the W3C DOM node tree methods and properties.  status Returns the status as a number (e.g., 404 for "Not Found" and 200 for "OK").  statusText Returns the status as a string (e.g., "Not Found" or "OK").
  • 20. Ajax 16 To clearly illustrate how easy it is to access information from a database using AJAX, we are going to build MySQL queries on the fly and display the results on "ajax.html". But before we proceed, let us do the ground work. Create a table using the following command. NOTE: We are assuming you have sufficient privilege to perform the following MySQL operations. CREATE TABLE 'ajax_example' ( 'name' varchar(50) NOT NULL, 'age' int(11) NOT NULL, 'sex' varchar(1) NOT NULL, 'wpm' int(11) NOT NULL, PRIMARY KEY ('name') ) Now dump the following data into this table using the following SQL statements: INSERT INTO 'ajax_example' VALUES ('Jerry', 120, 'm', 20); INSERT INTO 'ajax_example' VALUES ('Regis', 75, 'm', 44); INSERT INTO 'ajax_example' VALUES ('Frank', 45, 'm', 87); INSERT INTO 'ajax_example' VALUES ('Jill', 22, 'f', 72); INSERT INTO 'ajax_example' VALUES ('Tracy', 27, 'f', 0); INSERT INTO 'ajax_example' VALUES ('Julie', 35, 'f', 90); ClientSideHTMLFile Now let us have our client side HTML file, which is ajax.html, and it will have the following code: <html> <body> <script language="javascript" type="text/javascript"> <!-- //Browser Support Code 7. DATABASE OPERATIONS
  • 21. Ajax 17 function ajaxFunction(){ var ajaxRequest; // The variable that makes Ajax possible! try{ // Opera 8.0+, Firefox, Safari ajaxRequest = new XMLHttpRequest(); }catch (e){ // Internet Explorer Browsers try{ ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP"); }catch (e) { try{ ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP"); }catch (e){ // Something went wrong alert("Your browser broke!"); return false; } } } // Create a function that will receive data // sent from the server and will update // div section in the same page. ajaxRequest.onreadystatechange = function(){ if(ajaxRequest.readyState == 4){ var ajaxDisplay = document.getElementById('ajaxDiv'); ajaxDisplay.innerHTML = ajaxRequest.responseText; } } // Now get the value from user and pass it to // server script. var age = document.getElementById('age').value; var wpm = document.getElementById('wpm').value; var sex = document.getElementById('sex').value;
  • 22. Ajax 18 var queryString = "?age=" + age ; queryString += "&wpm=" + wpm + "&sex=" + sex; ajaxRequest.open("GET", "ajax-example.php" + queryString, true); ajaxRequest.send(null); } //--> </script> <form name='myForm'> Max Age: <input type='text' id='age' /> <br /> Max WPM: <input type='text' id='wpm' /> <br /> Sex: <select id='sex'> <option value="m">m</option> <option value="f">f</option> </select> <input type='button' onclick='ajaxFunction()' value='Query MySQL'/> </form> <div id='ajaxDiv'>Your result will display here</div> </body> </html> NOTE: The way of passing variables in the Query is according to HTTP standard and have formA. URL?variable1=value1;&variable2=value2; The above code will give you a screen as given below:
  • 23. Ajax 19 Max Age: Max WPM: Sex: Your result will display here in this section after you have made your entry. NOTE: This is a dummy screen. ServerSidePHPFile Your client-side script is ready. Now, we have to write our server-side script, which will fetch age, wpm, and sex from the database and will send it back to the client. Put the following code into the file "ajax-example.php". <?php $dbhost = "localhost"; $dbuser = "dbusername"; $dbpass = "dbpassword"; $dbname = "dbname"; //Connect to MySQL Server mysql_connect($dbhost, $dbuser, $dbpass); //Select Database mysql_select_db($dbname) or die(mysql_error()); // Retrieve data from Query String $age = $_GET['age']; $sex = $_GET['sex']; $wpm = $_GET['wpm']; // Escape User Input to help prevent SQL Injection
  • 24. Ajax 20 $age = mysql_real_escape_string($age); $sex = mysql_real_escape_string($sex); $wpm = mysql_real_escape_string($wpm); //build query $query = "SELECT * FROM ajax_example WHERE sex = '$sex'"; if(is_numeric($age)) $query .= " AND age <= $age"; if(is_numeric($wpm)) $query .= " AND wpm <= $wpm"; //Execute query $qry_result = mysql_query($query) or die(mysql_error()); //Build Result String $display_string = "<table>"; $display_string .= "<tr>"; $display_string .= "<th>Name</th>"; $display_string .= "<th>Age</th>"; $display_string .= "<th>Sex</th>"; $display_string .= "<th>WPM</th>"; $display_string .= "</tr>"; // Insert a new row in the table for each person returned while($row = mysql_fetch_array($qry_result)){ $display_string .= "<tr>"; $display_string .= "<td>$row[name]</td>"; $display_string .= "<td>$row[age]</td>"; $display_string .= "<td>$row[sex]</td>"; $display_string .= "<td>$row[wpm]</td>"; $display_string .= "</tr>"; } echo "Query: " . $query . "<br />";
  • 25. Ajax 21 $display_string .= "</table>"; echo $display_string; ?> Now try by entering a valid value (e.g., 120) in Max Age or any other box and then click Query MySQL button. Max Age: Max WPM: Sex: Your result will display here in this section after you have made your entry. If you have successfully completed this lesson, then you know how to use MySQL, PHP, HTML, and Javascript in tandem to write AJAX applications.
  • 26. Ajax 22 AJAXSecurity:ServerSide  AJAX-based Web applications use the same server-side security schemes of regular Web applications.  You specify authentication, authorization, and data protection requirements in your web.xml file (declarative) or in your program (programmatic).  AJAX-based Web applications are subject to the same security threats as regular Web applications. AJAXSecurity:ClientSide  JavaScript code is visible to a user/hacker. Hacker can use JavaScript code for inferring server-side weaknesses.  JavaScript code is downloaded from the server and executed ("eval") at the client and can compromise the client by mal-intended code.  Downloaded JavaScript code is constrained by the sand-box security model and can be relaxed for signed JavaScript. 8. SECURITY
  • 27. Ajax 23 AJAX is growing very fast and that is the reason that it contains many issues with it. We hope with the passes of time, they will be resolved and AJAX will become ideal for web applications. We are listing down a few issues that AJAX currently suffers from. Complexity is increased  Server-side developers will need to understand that presentation logic will be required in the HTML client pages as well as in the server-side logic.  Page developers must have JavaScript technology skills. AJAX-based applications can be difficult to debug, test, and maintain  JavaScript is hard to test - automatic testing is hard.  Weak modularity in JavaScript.  Lack of design patterns or best practice guidelines yet. Toolkits/Frameworks are not mature yet  Most of them are in beta phase. No standardization of the XMLHttpRequest yet  Future version of IE will address this. No support of XMLHttpRequest in old browsers  Iframe will help. JavaScript technology dependency and incompatibility  Must be enabled for applications to function.  Still some browser incompatibilities exist. JavaScript code is visible to a hacker  Poorly designed JavaScript code can invite security problems. 9. CURRENT ISSUES