Re: [fw-general] ZF and Ajax

Tue, 23 Jan 2007 06:06:50 -0800
A Tidy plugin sounds like a good idea. Also the mootools are nice, I used them a few times. Even before the AJAX enhancements I already used some jQuery in my application, though... and the "compressed" version of jQuery 1.1 has only 19Kb (ok, I am also using the additional forms-plugin with another 7Kb). 


Simon Mundy wrote:

I did not want to pass this information over the web because I think 
it is quite relevant for application security (even if ACL is used in 
each component) so now while building my normal page I also build a 
list of possible ajax calls which might be fired by the page. Each of 
these calls is stored in a session, together with a code. Only this 
code gets transmitted over the web. On each normal page load the 
session namespace I am using for this gets deleted which makes calls 
to old things impossible. In a fully AJAX application there would 
have to be a different approach to deleting old codes from the 
session because then there wouldn't be "normal page loads". In my 
case I only have a few page specific ajax elements, so for me this 
works.


Any thoughts on this approach?



Sounds good to me. For a production site that uses a moderate amount 
of lookups and AJAX-related functionality I simply use a single 
controller AjaxController.php that contains concrete methods for each 
of my calls. Most of these are non-secure functionality so I don't 
have any real security measures other than sanitising input and being 
careful escaping my output (a Tidy plugin to Zend_View is a handy 
addition).



To return output I use Zend_View snippets but nothing is JSON encoded. 
I prefer enabling mod_deflate on the server side and letting that do 
the heavy lifting for compression.



Mootools (www.mootools.net) is a beautifully written and quick 
AJAX-enabled javascript framework (>24Kb for the entire library if you 
leave off the non-essentials) and seems to fit the ZF-like approach of 
simplicity and grace.


--

Simon Mundy | Director | PEPTOLAB

""" " "" """""" "" "" """"""" " "" """"" " """"" "  """""" "" "
202/258 Flinders Lane | Melbourne | Victoria | Australia | 3000
Voice +61 (0) 3 9654 4324 | Mobile 0438 046 061 | Fax +61 (0) 3 9654 4124
http://www.peptolab.com























					Reply via email to