Opinion poll.

Ye' old general discussion board. Basically, for everything that isn't covered elsewhere. Come here to shoot the breeze, shoot your mouth off, or whatever suits your fancy.
This forum is not for asking programming related questions.

Moderator: General Moderators

With AJAX's possibilities, is learning javascript a nessesary evil for the programmer of our day?

Yes
10
77%
No
3
23%
No, but this is. (list what is on forum)
0
No votes
 
Total votes: 13

User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

nickvd wrote:In situations such as this, I feel that it is not only appropriate, but pretty much required to force javascript to be turned on.

Thoughts?
That's exactly what I was trying to say.
User avatar
akimm
Forum Contributor
Posts: 460
Joined: Thu Apr 27, 2006 10:50 am
Location: Ypsilanti Michigan, formally Clipsburgh

Post by akimm »

I love these sort of conversations, its always nice to read others thoughts, especially when they know more than you. I agree with all of you that say JS is important, I think in the end as someone put it best, AJAX will become an important skill. JS provides so many possibilities, that it seems silly to just ignore them, however, the fact that users can disable it scares me, because, I then must write compensation code so to speak, in order to disallow disabling functionality on the users account.

Thanks for all the replies, I hope you'll continue, as I'm enjoying this discourse very much, and I think there are those among you who agree.
User avatar
Maugrim_The_Reaper
DevNet Master
Posts: 2704
Joined: Tue Nov 02, 2004 5:43 am
Location: Ireland

Post by Maugrim_The_Reaper »

Never heard of Dojo, I'll have to look it up thanks
Dojo had a new release recently during the Ajax Experience conference (see http://www.ajaxian.com and down the page a bit). It's a heavyweight toolkit full of widgets, javascript language extensions, AJAX capabilities (though it uses some bind/io name for it), and lots more. It uses a package system to manage what parts get included. Unfortunately (I've been testing) certain elements from the widget library crash Firefox when certain Firefox addons are present - must be some sort of conflict... It's also poorly documented (not a surprise I suppose).
I think in the end as someone put it best, AJAX will become an important skill.
I think so too. That's not the only factor to consider. A good programmer will keep their skillset current. If I had a choice between a web developer who knew AJAX and javascript, and one who just knew PHP, then I'd be more inclined to hire the AJAX knowledgeable one. Give it time and that trend will become apparent IMO...

Incidentally, if Javascript is not your cup of tea, there's PEAR::HTML_AJAX and other similar PHP libraries to make it easier on PHP developers. Personally I don't use any of them - I like cutting to the chase and wrestling with Javascript...

One for Firefox2 - it offers Javascript 7. ;)
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Post by Weirdan »

One for Firefox2 - it offers Javascript 7.
1.7 actually.
User avatar
Maugrim_The_Reaper
DevNet Master
Posts: 2704
Joined: Tue Nov 02, 2004 5:43 am
Location: Ireland

Post by Maugrim_The_Reaper »

Cursed be typos, matie.
User avatar
Jenk
DevNet Master
Posts: 3587
Joined: Mon Sep 19, 2005 6:24 am
Location: London

Post by Jenk »

JavaScript's bad rep comes from the various browsers implementing their own flavors.

Just look at the chunk of code needed to instantiate a XMLHttpRequest object on every popular browser for an example..

Then there is the issue of what if JavaScript is off? Or the browser doesn't support the functionality you want, or just plain doesn't have JS?

The above is why I am a firm believer JS is an optional fancy and nothing more.

I use it, I use it a lot, but still regard it as optional and thus my sites offer the same functionality with or without it, it just might be a little more expensive without it.
User avatar
akimm
Forum Contributor
Posts: 460
Joined: Thu Apr 27, 2006 10:50 am
Location: Ypsilanti Michigan, formally Clipsburgh

Post by akimm »

The only thing I fear is the knowledgable programmer, with JS can mess with my forms and other programs can't they? I mean just a while back, someone posted code with removes all htmlmarkup 'img' then forces that with some cool trig functions into a fast floating circle on the page. I know this is harmless, but i'm not so far into JS, that this one vulnerbility, seems to be a ominous point of what could happen.

Am I wrong?
User avatar
akimm
Forum Contributor
Posts: 460
Joined: Thu Apr 27, 2006 10:50 am
Location: Ypsilanti Michigan, formally Clipsburgh

Post by akimm »

As far as the extension issue in Firefox. Why not use JS to check browser, if its firefox, disable the dojo extensions, use alternitive methods, or none at all. I say this because of firefoxes popularity, its very likely that one point or another,someone willcome by andget a rude awakening, when they get their web crashed.
User avatar
Maugrim_The_Reaper
DevNet Master
Posts: 2704
Joined: Tue Nov 02, 2004 5:43 am
Location: Ireland

Post by Maugrim_The_Reaper »

That would be up to the Dojo developers...;). In my ideal world, checking the user's browser should never be required. I haven't looked into this in any detail. All I know is that Dojo widgets crash Firefox with the presence of a subset of FF addons. It's enough to make me reconsider using Dojo on a major application despite Dojo's immense library of features.

I should note that I have not as yet tested Dojo 0.4 (new) with Firefox 2 (also new) - this could all be fixed/figured out by now.
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

akimm wrote:The only thing I fear is the knowledgable programmer, with JS can mess with my forms and other programs can't they?
Forms can be manipulated without javascript... my web developer extension allows me to change the html on a page, so I can change whatever form I want. That is why it is so important to make sure you validate information before excepting it on the server side and also why javascript or any other client side method of validation is worthless (by itself anyway)
User avatar
Jenk
DevNet Master
Posts: 3587
Joined: Mon Sep 19, 2005 6:24 am
Location: London

Post by Jenk »

notepad allows you to manipulate forms..
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

yes... that too.
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

akimm wrote:The only thing I fear is the knowledgable programmer, with JS can mess with my forms and other programs can't they? I mean just a while back, someone posted code with removes all htmlmarkup 'img' then forces that with some cool trig functions into a fast floating circle on the page. I know this is harmless, but i'm not so far into JS, that this one vulnerbility, seems to be a ominous point of what could happen.

Am I wrong?
This doesn't even require javascript. I can view source your forms page, rewrite what I want, save the HTML to my desktop, load it in my browser and post the form to the page you intended to receive it. Of course this is not always available, but it is certainly a possibility.

This is itself is the main reason I do not rely on client side validation. I might use it, but I will not rely on it. The server gets the data, the server checks the data...
User avatar
akimm
Forum Contributor
Posts: 460
Joined: Thu Apr 27, 2006 10:50 am
Location: Ypsilanti Michigan, formally Clipsburgh

Post by akimm »

Everah Said:
This doesn't even require javascript. I can view source your forms page, rewrite what I want, save the HTML to my desktop, load it in my browser and post the form to the page you intended to receive it. Of course this is not always available, but it is certainly a possibility.
I'm very aware that you* can alter site A) source code, but i'm saying, thats not to say you can then add it to my server. Thereby changing my sites HTML elements.

And notepad I assume is the same, unless there is something I don't know.[/quote]
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

It doesn't have to be on your server. What I am saying is this... lets say I have a form on my site and you view the source, then save the source to your computer. you can actually modify the form and send it to my server anyway, right from your computer. Try this... take this HTML and save it to your desktop, then load it into your browser and submit it. It goes to my server and actually executes my PHP code...

Code: Select all

<html>
<head><title>Who's form is this anyway?</title></head>
<body>
<form method="post" action="http://www.codecompare.com/form_recipient.php">

<p>Make sure the number below is 5 then hit submit:</p>
<p><input type="text" name="number" value="5" /></p>
<p><input type="submit" name="send-button" value="Send this form to where ever" /></p>
</form>
</body>
</html>
Here is the code in form_recipient.php

Code: Select all

<html>
<head><title>Who's form is this anyway?</title></head>
<body>
<?php
if (isset($_POST['number']) && $_POST['number'] == 5) {
	echo '<p>You cracked my form!</p>';
} else {
	echo '<p>Nothing came to this or you didn\'t enter 5!</p>';
}
?>
</body>
</html>
Now if I am not checking my form inputs on the server, all of this information gets sent to my server, and if the script is not prepared to handle it or check for it, it may actually take input from who knows where and use it against your server.
Post Reply