Symbols and Numerics A
Index Symbols and Numerics functions to submit forms, 76 ", ', <, >, & characters images, 87–99 htmlentities function changing, 192 introduction, 4 200/304/401/403/404/500/503 HTTP making user aware of page changes, response codes, 12 57 MySQL tips and precautions, 57–58 A navigation, 20–24, 125–127 passing values in forms, 69–80 abort method PHP and, 25–48 XMLHttpRequest object, 14 processajax function, 74 action attribute, form tag reasons for increasing popularity, 8 passing values in forms, 69 receding limitations on web pages, ActiveX object 123 submitting forms via Ajax, 77 runajax function, 143 addFunction method security, 58, 187–204 combining Ajax with SOAP web server connection overload, 57 services, 144 showing/hiding content, 26–32 addslashes function submitting forms via, 69–80 avoiding SQL injection, 58 system requirements, 8 Ajax tool tips example, 44–47 acronym expanded, 6 user’s lack of familiarity with auto-completion, 32–40 technology, 123 background, 7 when to use, 124–128 browsers supporting, 8 Ajax navigation, 125–127 combining Ajax and XML with DOM, Back button, 125 223–227 hidden elements, 127–128 combining HTML_Table module Ajax Location Manager, 228–232 with, 129–133 Ajax portability combining with web services, cross-browser issues, 175–177 137–147 Ajax requests, response time concerns creating Ajax-based photo gallery, cross-browser issues, 180–182 101–122 Amazon description, 6 web services, 135, 136 dynamic form submittal in action, 70 appendChild method form validation example, 41–43 DOM elements, 220 235 236 ■INDEX applications browser upgrades, 185 creating Ajax-based photo gallery, graceful degradation, JavaScript, 101–122 183–185 array_search function JavaScript switched off in browser, creating Ajax-based photo gallery, 175 119 noscript element, 184 asynchronous requests saving Back/Forward buttons, combining Ajax with SOAP web 177–180 services, 143 cross-browser usage of SOAP web services, 137 XMLHttpRequest, 17–19 attack surface 
Firefox extensions, 208–212 security, 187–189 in-web site navigation, 177 attack surface security Internet Explorer extensions, related entry points within same 213–215 script, 188 support for Ajax, 8 using standard functions to process browsing tree structure user input, 188 DOM inspector, 208 attributes business logic, protecting, 200–203 filtering attributes from allowed tags, button element, 67 191 authentication C reauthentication for key actions, 192 calendar auto-completion, 32–40 database connection script for, 58 autocomp.php file, 79 retrieving information from auto-complete feature, 39, 40, 60, 61 database, 63 autocomplete function, 39 showing/hiding content example, 27–32 B calendar.php file Back button submitting forms via Ajax, 71 saving functionality of, 177–180 CGI (Common Gateway Interface), 2 when to use Ajax, 125 changesize function block table dynamic thumbnail generation, querying MySQL database, 52 95, 96 browser upgrades characters cross-browser issues, 185 JavaScript obfuscation, 201 browsers checkbox element, 67 client-side communication, 26 checkfortasks function cross-browser issues, 175–185 tool tips example, 45, 46 Ajax portability, 175–177 chmod command Ajax requests, response time uploading images, 90 concerns, 180–182 className property cross-site scripting adding DOM elements, 220 see XSS clearTimeout function CSRF (cross-site request forgery), using delays to throttle requests, 197 193–196 client script accidental CSRF attacks, 195 combining Ajax with SOAP web confirming important actions services, 145 using one-time token, 193 client-side communication, 26 using user’s password, 195 client-side processing GET method, 195 video game store finder, 155 POST method, 195 closetask function XSS (cross-site scripting) compared, auto-complete example, 39 193 code obfuscator, 200 CSS animation config.php file creating Ajax-based photo gallery, creating Ajax-based photo gallery, 111, 112 105, 117 CSS properties 
CONNECT method, HTTP request, 13 DOM inspector, 208 connections, MySQL CSS styling video game store finder, 158 video game store finder, 154 content, showing/hiding, 26–32 curimage URL parameter cookies, stealing, 190 creating Ajax-based photo gallery, CREATE TABLE command 117 video game store finder, 163 createElement method D adding DOM elements, 219, 220 databases createform function connecting to MySQL, 51–52 auto-complete feature, 38 database connection script, 59 submitting forms via Ajax, 73, 76 server connection overload, 57 createInfoMarker function passing values from forms to, 78 video game store finder, 167 querying MySQL database, 52–56 createtext function retrieving information from, 63 using HTML_Table module, 132 dbconnector.php file createthumb function connecting to MySQL, 51 creating Ajax-based photo gallery, database connection script, 59, 60 118 video game store finder, 158, 170, dynamic thumbnail generation, 98 171, 173 cross-platform environment debugging web services, 135 Fiddler, 215 cross-site request forgery Firefox JavaScript debugging console, see CSRF 206–207 HTTP debugging tool, IE, 215 Ajax Location Manager, 228–232 Internet Explorer JavaScript browser DOM issues, JavaScript, 175 debugger, 206 combining Ajax and XML with, Venkman JavaScript debugger, 223–227 211–212 manipulating DOM elements, working with DOM, 217 221–222 degrading JavaScript gracefully manipulating XML using, 222 cross-browser issues, 183–185 DOM explorer noscript element, 184 developer toolbar, IE, 214 delays DOM inspector using delays to throttle requests, 197 Firefox extensions, 208 DELETE method, HTTP request, 13 doneloading function, 92, 93 deleteRow function DoS (denial of service) attack, 196–200 combining Ajax and XML with DOM, optimizing Ajax response data, 198 229, 232 using delays to throttle requests, 197 deleting images drop-down menus creating Ajax-based photo gallery, hidden elements, 127 111, 113 dynamic 
thumbnail generation, 95–99 delpic.php script creating Ajax-based photo gallery, E 116, 121 eBay denial of service attack web services, 135 see DoS (denial of service) attack elements developer community, PHP, 25 DOM elements developer toolbar accessing, 217–219 Internet Explorer extensions, 214 accessing elements within forms, DHTML (Dynamic HyperText Markup 219 Language), 3 adding and removing, 219–221 displaying images, 91–93 getElementById method, 217–218 div elements getElementsByTagName method, loading images, 114 218–219 DOM (document object model), manipulating, 221–222 217–233 hidden elements, 127 accessing DOM elements, 217–219 HTML form elements, 67–68 accessing elements within forms, updating element property via DOM, 219 217 getElementById method, 217–218 enctype argument, form tag getElementsByTagName method, creating Ajax-based photo gallery, 218–219 115 adding and removing DOM elements, 219–221 entry points Firefox attack surface security, 187–189 JavaScript debugging console, related entry points within same 206–207 script, 188 Firefox extensions, 208–212 error message box DOM inspector, 208 Firefox JavaScript debugging console, HTML Validator, 212 207 LiveHTTPHeaders extension, error messages 209–211 creating Ajax-based photo gallery, Venkman JavaScript debugger, 114 211–212 Firefox JavaScript debugging console, web developer toolbar, 208 206 Flash, 2 JavaScript, 205–207 Flickr, 4 errors FLOSS (Free/Libre and Open Source combining Ajax with SOAP web Software) services, 145 cost of using MySQL with PHP, 49 escape tags when outputting client- footers submitted data, 192 Ajax-based navigation in, 126 escapeshellarg function, 189 form submission, processing events video game store finder, 159 manipulating DOM elements, 221 form validation, 80–86 exceptions example, 41–43 combining Ajax with SOAP web trim function, 166 services, 145 forms, 67–86 exit function Ajax-based dynamic form submittal 
form validation, 86 in action, 70 extensions DOM accessing elements within, 219 Firefox, 208–212 functions submitting forms via Ajax, Internet Explorer, 213–215 76 GET method, 68 F HTML form elements, 67–68 Fiddler passing values, 69 Internet Explorer extensions, 215 POST method, 69 file element submitting forms via Ajax, 69–80 HTML form elements, 68 forums file_exists function XSS (cross-site scripting), 189 displaying images, 93 Forward button findPosX/findPosY functions saving functionality of, 177–180 auto-complete example, 39 function names JavaScript obfuscation, 200 functions HEAD, 13 introduction to SOAP web services, hidetask, 45 136 htmlentities, 189, 192 not defining multiple times, 119 imageClick, 117 functions and methods init, 166, 167, 221 abort, 14 initialize, 180 addFunction, 144 intval, 58 addslashes, 58 isNaN, 133 appendChild, 220 isValidEmail, 202 array_search, 119 is_file, 93 autocomplete, 39 join, 172 changesize, 95, 96 loadLocations, 228, 230 checkfortasks, 45, 46 loadMap, 167 clearTimeout, 197 loadthescores, 142 closetask, 39 loadtotals, 132, 133 CONNECT, 13 makerequest, 23 createElement, 219, 220 max, 120 createform, 38, 73, 76 min, 119 createInfoMarker, 167 move_uploaded_file, 90 createtext, 132 mysql_close, 64 createthumb, 98, 118 mysql_connect, 51, 52, 59 DELETE, 13 mysql_fetch_array, 64 deleteRow, 229, 232 mysql_num_rows, 64 doneloading, 92, 93 mysql_real_escape_string, 58, 189 escapeshellarg, 189 mysql_select_db, 52 exit, 86 onreadystatechange, 167 file_exists, 93 open, 14, 15, 20 findPosX/findPosY, 39 opendatabase, 56, 64, 171, 173 GET, 13, 19,