I built a notification system that checks whether there are new notifications every 10 seconds using the setInverval javascript function, that sends ajax request and returns a json with the notifications.
I would like to hear alternative ways to do that, that doesn't have to be timed.
Is a while loop & a worker thread better? Since I'm working with PHP, how do I not overload the server with too many requests?
What are the security risks I am facing with my system, and with the system you'd like to suggest.
If you're not satisfied with your current mechanism, look into the cluster of various mechanisms collectively called "comet" and/or web sockets depending on the browser profiles you have to support (IE8 and 9 don't have web sockets, for instance). There are several libraries out there to help you with this, such as socket.io.
I don't think the security profile changes either way, but that would probably be a separate question in any case.