book

Head Rush Ajax

Name: Head Rush Ajax
Author: Brett McLaughlin
ISBN: 9780596102258

by Brett McLaughlin

March 2006

Beginner to intermediate

448 pages

13h 33m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Head Rush Ajax
Meet your author
Table of Contents (summary)
Table of Contents (the real thing)
Intro
Who is this book for?
Who should probably back away from this book?
We know what you’re thinking.
And we know what your brain is thinking.This must be important! Don’t forget it!
Metacognition: thinking about thinking
So just how DO you get your brain to treat Ajax like it’s a hungry tiger?
Here’s what WE did:
Here’s what YOU can do to bend your brain into submission
Read Me

Tech Reviewers
And there’s a lot more...*
1 Using Ajax: Web Applications for a New Generation
The Web, Reloaded
The old way (think 1999)
Welcome to the new millenium!
No more waiting around......when you’re using Ajax appsAjax apps are asynchronous, too
"Reloads? We don’t need no stinking reloads."
Ajax to the rescue
Use Ajax to fix the web report...
Reworking the Boards ‘R’ Us report
The highlight reel: Chapter 1
HTML Refresher
Reviewing the Boards ‘R’ Us HTML
Step 1: Creating a request object
Step 2: Requesting updated sales
Adding the getBoardsSold() function
Sending the request to the right URL
PHP...at a glance
What the server used to do...
What the server should do now
The new script’s URL
Initializing the connection
Let’s break that down a bit...
Remember our checklist for getBoardsSold()?
Connecting to the web server
The server doesn’t need any data.
Reviewing what we’ve done
There are still some missing pieces
Back to the HTML
Running getBoardsSold() from the web form
Adding an event handler
Step 3: Coding updatePage()
Ajax is asynchronous JavaScript
Where does the response go?
How we see web apps...
Introducing the web browser
The browser just helps out
The browser gives the server’s response to your JavaScript
What should the browser do with the server’s response?
Sending instructions to the browser
Getting the server’s response
The browser helps out again
Planning the updatePage() function
Make sure the server is finished
Ready states are connected to your request object’s onreadystatechange property
Checking for the right ready state
Showing Katie some Ajax magic
Wait! Stop the presses!
What’s going on?
60 Second Review
2 Speaking the Language: Making Ajax Request
Break Neck Pizza Delivery
What’s the deal?
Solving the pizza delivery problem
No kidding!
Break Neck Pizza, Ajax-style
Diagramming the Break Neck app
Be the Architect
Step 1: Get the customer’s phone number
HTML 101: accepting user input
Event handlers connect HTML to JavaScript
Plan first, code later
Event handler roundup
On to the JavaScript
Use the DOM to get the phone number
Connecting the DOM dots
Step 2: Request the customer’s address
getCustomerInfo() at a glance
Creating a request object
Plans change
Supporting multiple browsers
Don’t annoy the customer!
JavaScript doesn’t have to be in a function
Back to getCustomerInfo()
Talking to the server-side guys
Break Neck’s PHP script
PHP...at a glance
Request URLs deliver data to the server
Giving instructions to the browser
Send the request to the server
Podcasting Studio
Step 3: Retrieve the customer’s address
HTTP Ready States
Right—because updatePage() runs every time the ready state changes.
Checking the ready state
What is the browser doing?
Get the server’s response from the request object
Step 4: Update the order form
Finishing off the callback function
Test driving the Break Neck app
Wait just a second...
Order matters in asynchronous apps
What’s going on in Windows?
When browsers cache request URLs...
Sometimes it takes a hack...
Good thinking!
Step 5: Place the customer’s pizza order
Back to Break Neck’s order form
The final test drive
60 Second Review (1/2)
60 Second Review (2/2)
Problems at Break Neck...
Checking the request’s status
The request URL is a relative URL
The browser always runs your callback... ...and it did report an error.
Servers return a ready state and a status code
Back to Break Neck...
3 She Blinded Me with Asynchrony: Asynchronous Apps
What does asynchronous really mean?
A synchronous request for colaAn asynchronous request for cola
Break Neck Pizza is an asynchronous app
But it was probably too fast for you to notice...
What does asynchronous get you?
Building an Ajax-powered coffee maker
Two coffee makers......and a whole office of caffeine addictsYou’re going to build an Ajax application to allow your co-workers to order their coffee online.
Three ingredients for asynchronous coffee
Connecting the parts of the coffee maker
How is the coffee maker going to work?
The back-and-forth of Ajax development
The coffee maker HTML
Yes, let’s put your JavaScript in a separate file.
Here’s what we did...
Sending a request for coffee
Writing JavaScript to send the request
Which coffee maker should we use?
Getting the beverage and size of the order
Getting the value of a radio group
What JavaScript do we still need to write?
Getting and setting the text content in a
What you want: to get the text in the “coffeemaker1-status”More help from text-utils.js
Checking a coffee maker’s status
Setting the text in a
Test drive
Let’s clear the form when an order is placed
What do we do with the server’s response?
Writing the callback function
Interpreting the server’s response
Introducing the JavaScript substring() function
substring() practice
Finishing up serveDrink()
The final test drive (right?)
So what happened to Jim’s coffee order?
A closer look at the request object
But what about Jim’s order?
We need two request objects!
Now you can keep up with both coffee orders.
Creating two request objects
Using two request objects
Yes, let’s change sendRequest() first
Updating orderCoffee()
Welcome to the world of asynchrony!
Skeptical?
A synchronous test drive
Change that baby back to asynchronous!
Two coffee makers, asynchrony, and one jittery, wired, happy office.
4 Web Page Forestry: the Document Object Model
Need a dynamic application?
Use the Document Object Model.
Meet the DOM
Under the Microscope: The document object
Using the DOM without Ajax
Better visit your local tree farm...
Here’s the HTML that you give to the browser...
...and here’s how the browser sees the HTML
The browser organizes your markup into a "tree" structure.
How the browser sees your HTML (part 2)
WRITE YOUR OWN Web Dictionary
Order matters to the web browser. (1/2)
Order matters to the web browser. (2/2)
Back to the forest
Browsers see the world upside down
A new type of tree: the DOM tree
Remember that big huge DOM tree we just looked at?
Moving around in a DOM tree
The node knows... pretty much everything.
You can! (well, sort of)
Some browsers don’t recognize Node
You’re ready for the challenge...
The Great Chapter 4 Coding Challenge
4.5 A Second Helping: Developing DOM applications
Everyone’s a critic
Checking out top5.html
What’s the game plan?
The big picture
Setting up the CD covers
Use JavaScript to programmatically add event handlers to all elements.
Adding event handlers
Running addOnClickHandlers()
Adding a CD to the top 5
After addToTop5() runs...
Pay attention to "this"
Finding the "top5"
Adding children to an element
Back to event handlers
Remember how we added the event handler?
Testing addToTop5()
An element can have only one parent
Exactly!
Adding the ranking number
More additions to our DOM tree
What’s left to do?
Completing addToTop5()
Testing the CD rankings (again)
Now you just need to update top5.html, and set the "Start Over" button to call your completed startOver() function:
A final test drive
The Great Chapter 4 Coding Challenge
5 Saying More with POST: POST Requests
Repeat business rocks
Submitting a form with Ajax
1. Update the Break Neck HTML
2. Send the order to the server
3. Update placeOrder.php
PHP...at a glance
When things go wrong
4. Write the callback function
The DOM is connected to what a customer sees
Test driving Break Neck
Not so fast, Alex...
Error messages are a good thing
The PHP code creates a new response header:
The server talks back
Break Neck error handling
GET requests versus POST requests
GET requests send data in the request URL
POST requests send data separate from the request URL
Web servers unencode POST data
Send more data with a POST request
Browsers cache GET requests
Browsers hate a mystery
Browsers don’t try and cache POST requests.
Trying out POST requests
Why didn’t the POST request work?
The mysterious POST data
You need to set the content type
Servers get information from the browser using request headers.
Servers send information to the browser using response headers.
Setting the Content Type
Another test drive
It’s browser-dependent
Well, it’s not that small...Hmmm.... well... umm....
Break Neck Pizza online
Welcome to SQL injection
It’s still your web application
Protecting against SQL injection in your JavaScript
You still need to secure the PHP script
What’s wrong with the PHP script?
SQL injection attacks without the web form
Protecting against SQL injection in your PHP scripts
Your customer database is secure!
6 More Than Words Can Say: XML Requests & Responses
servers don’t get to say much
Speak Up!
XML: just what the doctor ordered
Remember Katie?
The problem with Boards ‘R’ Us
But do you understand why?
Filling that XML prescription
PHP...at a glance
Trees, trees, everywhere I look
Using responseXML in your code
Time to take a shortcut:
Trying things out
XML is a meta language: it defines other XML languages.
XML is a standard... ...but how you use it isn’t.
That’s right.
You’ve really got this stuff down!
Why would you do that? (1/2)
Why would you do that? (2/2)
7 A Fight to the Finish: JSON versus XML
A review of request and response formats
Should you use XML or JSON?
Fighting Words
The heavyweight champion: XML
You work with XML using the DOM.
You use the DOM to work with XML
The young upstart: JSON
You work with JSON using “normal” JavaScript.
You don’t need a special object model to work with JSON data
JSON is JavaScript. (1/2)
We did say that JSON is JavaScript (1/2)
JSON is JavaScript. (2/2)
We did say that JSON is JavaScript (2/2)JSON comes across as text (1/2)You should use text data for your requests whenever possible. (1/2)You can use JSON, XML, or text in your requests to the server (1/2)JSON is great with objects... ...but do you really need objects? (1/2)
So which is the better data format?
JSON comes across as text (2/2)You should use text data for your requests whenever possible. (2/2)You can use JSON, XML, or text in your requests to the server (2/2)JSON is great with objects... ...but do you really need objects? (2/2)So which is the better data format?
Appendix 1: A Few Special Bonus Gifts: Extras
#1: Ajax toolkits
#2: script.aculo.us and other UI libraries
#3: Inspecting the DOM
Inspecting the DOM in Internet Explorer
Inspecting the DOM in Safari
#4: Using JSON libraries in your PHP scripts
#5: Using eval() with JSON
Use a JSON parser
Appendix 2: "All I Want Is the Code.": ajaz and DOM utilities
ajax.js
Using ajax.js
Don’t use what you don’t understand
text-utils.js
Using text-utils.js
Index
SymbolsA
B
CD
E
FGH
I
JLMN
O
PR
S
T
UVWX

Content preview from Head Rush Ajax

328

Even though you added validation to the Break Neck

order form, you should still escape strings and tighten

up the PHP script running on Break Neck’s web

server.

Even though you’ve added a nice layer of security to

your web page, clever hackers can work around your

page, and attack the lookupCustomer.php script

directly. In other words, your validation helps protect

your app from someone attaching you from a web

front end, but doesn’t do anything to stop someone

from going after your script directly.

Besides, putting a little extra work into securing your

PHP script is a good idea. You can never have too

much security... you never know when some clever

twelve year old will come up with a new way to get at

your data, and create problems for your customers.

You still need to secure the PHP script

So we’re done, right? Now that we’re

validating the phone number, nobody will

be able to enter those weird strings, and

get our customer lists.

You can

never have

too much

security.

are we done yet?

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 0596102259Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Head Rush Ajax

by Brett McLaughlin

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

More than 5,000 organizations count on O’Reilly

Julian F.

Addison B.

Amir M.

Mark W.

You might also like

What Successful Project Managers Do

Strange Code

How to Overcome a Power Deficit

Tips for Designing Effective Presentation Slide Decks

Publisher Resources