Ajax respones details.

JavaScript and client side scripting.

Moderator: General Moderators

Post Reply
User avatar
JellyFish
DevNet Resident
Posts: 1361
Joined: Tue Feb 14, 2006 7:18 pm
Location: San Diego, CA

Ajax respones details.

Post by JellyFish »

I wrote a simple Ajax application upon learning Ajax through Mozilla Developers. So what I got basically is a test run on ajax for the sake of my education. So I got three pages.

index.php

Code: Select all

httpRequest.onreadystatechange = function() { getResponse() };
httpRequest.open("GET", "PHPAPI.php?e=Hello Whats up", true);
httpRequest.send(null);
function getResponse()
{
	if (httpRequest.readyState == 4)
	{
		if (httpRequest.status == 200)
		{
  	  alert(httpRequest.responseText);
		}
  	else
	  {
	  	alert('There was a problem with the request.');
		}
  }
}
JSAPI.js

Code: Select all

/************************************************
Javascript API.
************************************************/
(window.ActiveXObject) ? httpRequest = new ActiveXObject("Microsoft.XMLHTTP") : httpRequest = new XMLHttpRequest();
And PHPAPI.php

Code: Select all

<?php
echo $_GET['e'];
?>
So, as you can see this is very simple. Sets a variable e to a short string "Hello Whats Up" and then php takes that and echos it.

Now what I'm really trying to get at in this post is: What is considered as a valid response form php? With this example using the echo keyword I can easily respond. But what other ways are there, if any? How would I return an Array as a response? Why, from my experience, does echo return a response? What exactly is going on here?

Answers to this are appreciated. I don't even know if I covered everything. But my sum is, what's responseText/responseXML properties expecting in a response? What makes one in php? Echo only?
User avatar
JellyFish
DevNet Resident
Posts: 1361
Joined: Tue Feb 14, 2006 7:18 pm
Location: San Diego, CA

Post by JellyFish »

What I'm really trying to ask is: what is considered a response with a php script, or in other word, how do I respond with a php script?
User avatar
Maugrim_The_Reaper
DevNet Master
Posts: 2704
Joined: Tue Nov 02, 2004 5:43 am
Location: Ireland

Post by Maugrim_The_Reaper »

AJAX responses can be any text of any type. Plain text works for simple value returns, HTML can be returned for HTML replacement (though it's better to make HTML replacement a client side task to offload unnecessary server calls. XML can be returned and and read using the Javascript DOM for more complex data. A current popular format is JSON (Javascript Object Notation) since it far easier to manipulate than XML and can be used to encode PHP data types (including arrays!) which can then be eval()'d within Javascript to get a javascript hash (or other Array structure).

Basically, the response format depends on your needs. I suggest inventing a scenario and seeing what kind of effect a response will give rise to. Then post it here for more elaborate details. In your example above, plain text is likely just fine. All you're doing is echoing it straight back in a modal window.
nickvd
DevNet Resident
Posts: 1027
Joined: Thu Mar 10, 2005 5:27 pm
Location: Southern Ontario
Contact:

Post by nickvd »

<slightly off topic>
I would recommend against simply eval()'ing the json return response, as it could potentially leave you open to malicious code being run on the client. (the same security problems occur as compared to php's eval() usage)

The better option (http://www.json.org/js.html) would be to use a json parser to ensure properly formated and safe json strings.
User avatar
Maugrim_The_Reaper
DevNet Master
Posts: 2704
Joined: Tue Nov 02, 2004 5:43 am
Location: Ireland

Post by Maugrim_The_Reaper »

I agree completely - but that step is autonomous from eval(). It's a separate security measure. Unfortunately half the basic XMLHttpRequest tutorials using JSON as a response format fail to mention it. Reminds of the bad old days when it was acceptable to have a PHP tutorial which never highlighted security concerns in sample code - it'll end up breeding similar poor practice...
Post Reply