Win a copy of Microservices Testing (Live Project) this week in the Spring forum!

Bogdan Brinzarea

author
+ Follow
since Aug 22, 2006
Cows and Likes
Cows
Total received
0
In last 30 days
0
Total given
0
Likes
Total received
0
Received in last 30 days
0
Total given
0
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Bogdan Brinzarea

I think it's my turn to answer your question Satou.

The grid example in our book displays some information from the database to the client having a paging and an in place editing mechanism implemented.

Please feel free to check our online demo:

http://ajaxphp.packtpub.com/ajax/grid/

Bogdan
There are several scenarios available described at http://www.scit.wlv.ac.uk/~jphb/cp2101/soap/


Bogdan
15 years ago
AJAX as a technology doesn't modify the MVC pattern. AJAX only improves the user experience in the interface having now the possibility to overcome the annoying postbacks to the server.

I think that one of the important concepts about AJAX is that it improves the user experience and this is where the extra code goes.The JSPs we still act as the VIEW component in the MVC pattern.


Bogdan
We are glad that you find it useful !


Thank you,

Bogdan
I think what you are trying to do is to implement a mechanism where each column acts like a container and where each container's content can be dragged and dropped between containers and perhaps some additional actions (sorting) can be done within a container.

I know that these concepts are nicely implemented in script.aculo.us with Draggables and Droppables (maybe this is not what you want to hear).

Another library can be found at:
http://neb.net/playground/dragdrop/ or
http://cyberdummy.co.uk/test/dd.php

Bogdan
Script.aculo.us is built on Prototype which contains the AJAX core. Script.aculo.us adds the visual effects such as drag'n'drop.

As you don't want any additional AJAX functionality and you're interest is focused only on drag and drop script.aculo.us could be larger that you need to,so I recommend another library focused on your needs:

http://www.walterzorn.com/dragdrop/dragdrop_e.htm

Bogdan
The book's focus is mainly on AJAX as a technology and less on a specific framework. We are having an example of how we can use script.aculo.us's drag'n'drop functionality but the rest of the examples are built from the scratch with no use of an existing client framework.

Bogdan
The book's focus is on AJAX as a technology and I'm confident that it can introduce you to the world of AJAX showing you some real world examples.

You can take a look at the free downloadable chapters from the book to make a first impression about what you can expect from this book http://ajaxphp.packtpub.com/

The programming language chosen for this book is PHP but you can easily migrate the examples to Java(Servlets/JSP).

After you understand AJAX, the language used for the server side is completely your choice. I recommand PHP as it is very easy to start AJAX with PHP.


Bogdan
In addition to the responses posted so far, I can assure you that the migration from PHP to Java (Servlets/JSP) can be done with a minimal effort as the focus in the AJAX and PHP book remains on AJAX as a technology.

Bogdan
The book's main focus in on AJAX as a technology and not on a particular framework. We have used script.aculo.us in order to show what level of complexity an existing AJAX framework has reached. The example shows how easy you can develop some interesting user interface with an existing framework without going into the details of script.aculo.us itself.

SVG (Scalable Vector Graphics) is a language for describing 2D graphics and graphic applications in XML. It is a open standard from W3C http://www.w3.org/Graphics/SVG/

Currently, only Opera and Firefox natively support it, while Safari and Internet Explorer require a plugin. The most widely used plugin is Adobe SVG http://www.adobe.com/svg/ and its supports the 1.0 and 1.1 official specifications.

Regarding the applications that use it:
- Adobe Illustrator allows both the import and export of SVG images
- the Batik SVG Toolkit can be used to manipulate images in Java

There are also implementations for mobiles: Ikivo, Bitflash or Intesis

Oracle for example introduced a new SVG rendering module for its web applications.

Bogdan
As Eric stated in the previous post, there are no new security threats introduced by Ajax. As the XMLHttpRequest object (the core of AJAX) exists since 1999, we can say that the security has been around since 7 years now. And nobody has really complained about it. Some of us have used OWA (Outlook Web Access) and didn't complained about security threats. Well, OWA is using the XMLHttpRequest object and thus AJAX since the beginning.

As AJAX moves around the XMLHttpRequest, this is the only point which can introduce security threats. By default, web browsers have a very strict way to control what resources can be accessed using JavaScript. As XMLHttpRequest is a part of JavaScript it complies to these rules.

Chapter 3 of our book has a section called "Connecting to Remote Servers and JavaScript Security" that covers what I am about to say below. The threats Eric mentioned (SQL injection etc.) are handled in each example of the book.

By default, when you load a file on the client side, the JavaScript within this file obeys the rules imposed to the parent file. By default the page loaded from the server is allowed to make requests using the XMLHttpRequest object only to the original server. There are some problems related to cross-domain requests using the XMLHttpRequest. Unfortunatelly browsers handle this type of requests differently.

Here is an exercpt from the book about this topic:

"Internet Explorer is a friendly kind of web browser; which means that is arguably less secure, but more functional. It has a security model based on zones. The four zones are Internet, Local intranet, Trusted sites, and Restricted sites. Each zone has different security settings, which you can change going to Tools | Internet Options | Security. When accessing a web resource, it will be automatically assigned to one of the security zones, and the specific security options will be applied.
The default security options may vary depending on your system. By default, Internet Explorer will give full privileges to scripts loaded from a local file resource (not through a web server, not even the local web server). So if you try to load c:\ajax\... the script will run smoothly (before execution, you may be warned that the script you are loading has full privileges). If the JavaScript code was loaded through HTTP (say, http://localhost/ajax/..../ping.html), and that JavaScript code tries to make an HTTP request to another server, Internet Explorer will automatically display a confirmation box, where the user is asked to give permission for that action.
Firefox and Mozilla-based browsers have a more restrictive and more complicated security model, based on privileges. These browsers don't display a confirmation window automatically; instead, your JavaScript code must use a Mozilla specific API to ask about performing the required actions. If you are lucky the browser will display a confirmation box to the user, and depending on user's input, it will give the permission (or not) to your JavaScript code. If you aren't lucky, the Mozilla-based browser will ignore your code request completely. By default, Mozilla-based browsers will listen to privilege requests asked from local (file:///) resources, and will ignore completely requests from scripts loaded through HTTP, unless these scripts are signed (these are the default settings that can be changed manually, though). Learn more about signing scripts for Mozilla browsers at http://www.mozilla.org/projects/security/components/
signed-scripts.html."

I hope that this answer along with Eric's answer give you an idea on how AJAX is handled in security scenarios.

Best regards,
Bogdan
The focus in this AJAX PHP book is AJAX as a technology and the server side techniques in PHP is kept to a minimum. I am sure that by reading this book you can easily convert the server side examples to Java (Servlets/JSP).

Bogdan
Here you can find a small list of software applications that can help you when debugging in Internet Explorer.

http://blogs.msdn.com/ie/archive/2004/10/26/247912.aspx

Bogdan
Thank you Eric!

The link Eric posted nicely summarize the existing frameworks. In the AJAX PHP frameworks category you will find the complete list of existing frameworks specially designed for PHP.


Bogdan
I will try to answer your questions one by one.

The time span required in order to become an AJAX master mainly depends on what your JavaScript skills are. Many of the developers where using the core of AJAX (the XMLHttpRequest object) for awhile now. Let's not forget that it is available since 1999. If you master JavaScript now, you can say that in a couple of days you become an AJAX master too. With less skills in JavaScript, you can enter the AJAX world and master it in a month or two depending on your level. In my opinion mastering AJAX means being able to develop a framework of your own or to use one of the existing frameworks and to adapt it or extend it according to your needs.

The second question is somehow related to the first one in that AJAX relates mainly to the client side of the application and the supporting language for the server can be PHP, Java (Servelts/JSP), C# (ASP.NET) etc.. There are AJAX frameworks that have only client libraries (Dojo, Prototype etc) or the are AJAX frameworks dedicated to a specific language. Yout can find a comprehensive list of such frameworks at http://ajaxpatterns.org/wiki/index.php?title=AJAXFrameworks

I hope I have answered your questions!

Sorry for the delay !

Best regards,
Bogdan