First question using the site so please bear with me if I haven't followed every rule in the book.
I come from a C++ background and don't have a great deal of experience with php/AJAX so I know that I probably have approached some of the following coding tasks in a sub-optimal/ improper way for writing code in different languages but anyway...
I have a Web site which uses a member login system written in PHP (connected to a mysql database), and the site is written using .php files to accomodate for this login system.
I want to use AJAX and JS on my .php pages to make them have a better user experience and I know this is possible (as I have done it), but I wanted to know if there are any negative/technical reasons why I shouldn't (and whether there are any better ways of doing this) as php is server side and AJAX is Client side.
Any advice would be appreciated.
Thanks
EDIT I've added some code to show the type of things I would like to add to my php site
<?php
require "class.loginsys.php";
$LS = new LoginSystem();
$LS->init();
?>
<!-- HTML page structure -->
<!DOCTYPE html>
<html>
<head>
<title>OnyxProjectsPage</title>
<link rel="stylesheet" type="text/css" href="style.css" />
<script type = "text/javascript">
function createTable()
{
var xhr;
if (window.XMLHttpRequest) // Mozilla, Safari, ...
{
xhr = new XMLHttpRequest();
}
else if (window.ActiveXObject) // IE 8 and older
{
xhr = new ActiveXObject("Microsoft.XMLHTTP");
}
xhr.open("GET", "createDatabase.php");
//xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
xhr.send();
xhr.onreadystatechange = display_data;
function display_data()
{
if (xhr.readyState == 4)
{
if (xhr.status == 200)
{
alert("Table Created");
}
else
{
alert('There was a problem with the request.');
}
}
}
}
</script>
</head>
<body>
<!-- Header background bar -->
<div id="container" style="width: 1920px">
<div id="header" style="background-color:#4c4c4c;">
<form class="well-home span6 form-horizontal" name="ajax-demo" id="ajax-demo">
<div class="controls">
<button type="button" onclick="createTable()">Create Testplan</button>
</div>
</form>
</body>
</html>
Using AJAX / JavaScript is not more dangerous than regular PHP. You can argue, that people can disable JavaScript and thus not be able to perform your expected result.
Usually, using AJAX will, as you mentioned, satisfy the user-experience, since they don't have to reload the page everytime a request is send.
The best solution, in my opinion, would be:
Check if the User enabled Javascript in his browser (keyword: noscript). If so, you can do use Frameworks like jQuery. Using this you can take advantage of the build-in ajax-function (take a look here). Otherwise prepare a fallback/failsafe mode for to serve every visitor.
LT;DR
Mix both of them. In any case, check and validate on serverside before inserting data in a database (or everything related to that kind of stuff), even if you checked it on the clientside already.
Personally, I prefer a combination of both, however not in same example as DasSaffe supplied.
I would write your PHP/HTML log-in page and when a user attempts to log in it runs your PHP script through an ajax request. If the PHP script returns success then ajax can redirect the user successfully.
The nice thing about this is that you can handle empty fields/invalid log-ins without ever leaving the page. If you use PHP only you will have to redirect the user to your script and then redirect back if there is an error.
Then you have to think, if I redirect my user back to the log-in page how do I tell the user that there was an error?