Notification system using PHP+jQuery+Ajax
up vote
1
down vote
favorite
I have this code to display a counter on the side of <i class="fas fa-bell mr-3"></i>
. I want to know if this code is good on security and perfomance.
I just started using jquery and ajax, i had heard people saying that someone could disable the javascript and do bad things. What you guys think about my code?
<div>
<ul class="navbar-nav textoPerfilDesk dropMenuHoverColor">
<li class="nav-item dropdown pr-2 dropleft navbarItem ">
<a class="nav-link dropdown-toggle-fk" href="#" id="navbarDropdownMenuLink" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
<i class="fas fa-bell mr-3"></i>
</a>
<div class="dropdown-menu dropdown-menu-fk py-3" aria-labelledby="navbarDropdownMenuLink">
<a class="dropdown-item dropMNitemNT" href="um-link">
<span class="d-flex">
<img class="imgNT" src="img/1.jpg">
<span class="pl-2 pt-1">
titutlo
</span>
</span>
</a>
</div>
</li>
</ul>
<span class="text-white divCountNT" id="datacount"></span>
</div>
script:
<script>
$(document).ready(function(){
var intervalo, carregaDiv;
(carregaDiv = function(){
$("#datacount").load('select.php', function(){
intervalo = setTimeout(carregaDiv, 1000);
});
})();
$('.fa-bell').on('click', function (){
clearTimeout(intervalo);
$.ajax({
url: "update.php",
complete: function(){
setTimeout(carregaDiv, 1000);
}
});
});
});
</script>
select.php
<?php
require_once 'db.php';
if(!isset($_SESSION))session_start();
if(isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
}
$status = 'unread';
$sql = $conn->prepare("SELECT * FROM noti WHERE status = :status AND
userid = :userid");
$sql->bindParam(':userid', $userid, PDO::PARAM_INT);
$sql->bindParam(':status', $status, PDO::PARAM_STR);
$sql->execute();
$countNT = $sql->rowCount();
echo $countNT;
$conn = null;
?>
update.php
<?php
require_once 'db.php';
if(!isset($_SESSION))session_start();
if(isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
}
$status = 'read';
$sql = $conn->prepare("UPDATE noti SET status = :status WHERE userid = :userid");
$sql->bindParam(':user_id', $userid, PDO::PARAM_INT);
$sql->bindParam(':status', $status, PDO::PARAM_STR);
$sql->execute();
$countNT = $sql->rowCount();
echo $countNT;
$conn = null;
?>
php jquery security ajax
add a comment |
up vote
1
down vote
favorite
I have this code to display a counter on the side of <i class="fas fa-bell mr-3"></i>
. I want to know if this code is good on security and perfomance.
I just started using jquery and ajax, i had heard people saying that someone could disable the javascript and do bad things. What you guys think about my code?
<div>
<ul class="navbar-nav textoPerfilDesk dropMenuHoverColor">
<li class="nav-item dropdown pr-2 dropleft navbarItem ">
<a class="nav-link dropdown-toggle-fk" href="#" id="navbarDropdownMenuLink" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
<i class="fas fa-bell mr-3"></i>
</a>
<div class="dropdown-menu dropdown-menu-fk py-3" aria-labelledby="navbarDropdownMenuLink">
<a class="dropdown-item dropMNitemNT" href="um-link">
<span class="d-flex">
<img class="imgNT" src="img/1.jpg">
<span class="pl-2 pt-1">
titutlo
</span>
</span>
</a>
</div>
</li>
</ul>
<span class="text-white divCountNT" id="datacount"></span>
</div>
script:
<script>
$(document).ready(function(){
var intervalo, carregaDiv;
(carregaDiv = function(){
$("#datacount").load('select.php', function(){
intervalo = setTimeout(carregaDiv, 1000);
});
})();
$('.fa-bell').on('click', function (){
clearTimeout(intervalo);
$.ajax({
url: "update.php",
complete: function(){
setTimeout(carregaDiv, 1000);
}
});
});
});
</script>
select.php
<?php
require_once 'db.php';
if(!isset($_SESSION))session_start();
if(isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
}
$status = 'unread';
$sql = $conn->prepare("SELECT * FROM noti WHERE status = :status AND
userid = :userid");
$sql->bindParam(':userid', $userid, PDO::PARAM_INT);
$sql->bindParam(':status', $status, PDO::PARAM_STR);
$sql->execute();
$countNT = $sql->rowCount();
echo $countNT;
$conn = null;
?>
update.php
<?php
require_once 'db.php';
if(!isset($_SESSION))session_start();
if(isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
}
$status = 'read';
$sql = $conn->prepare("UPDATE noti SET status = :status WHERE userid = :userid");
$sql->bindParam(':user_id', $userid, PDO::PARAM_INT);
$sql->bindParam(':status', $status, PDO::PARAM_STR);
$sql->execute();
$countNT = $sql->rowCount();
echo $countNT;
$conn = null;
?>
php jquery security ajax
(I'd be more inclined to delve into the code if comments, the introduction and, to the extent feasible, the title of this post told who or what is notified how about what.)
– greybeard
Dec 1 at 15:24
add a comment |
up vote
1
down vote
favorite
up vote
1
down vote
favorite
I have this code to display a counter on the side of <i class="fas fa-bell mr-3"></i>
. I want to know if this code is good on security and perfomance.
I just started using jquery and ajax, i had heard people saying that someone could disable the javascript and do bad things. What you guys think about my code?
<div>
<ul class="navbar-nav textoPerfilDesk dropMenuHoverColor">
<li class="nav-item dropdown pr-2 dropleft navbarItem ">
<a class="nav-link dropdown-toggle-fk" href="#" id="navbarDropdownMenuLink" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
<i class="fas fa-bell mr-3"></i>
</a>
<div class="dropdown-menu dropdown-menu-fk py-3" aria-labelledby="navbarDropdownMenuLink">
<a class="dropdown-item dropMNitemNT" href="um-link">
<span class="d-flex">
<img class="imgNT" src="img/1.jpg">
<span class="pl-2 pt-1">
titutlo
</span>
</span>
</a>
</div>
</li>
</ul>
<span class="text-white divCountNT" id="datacount"></span>
</div>
script:
<script>
$(document).ready(function(){
var intervalo, carregaDiv;
(carregaDiv = function(){
$("#datacount").load('select.php', function(){
intervalo = setTimeout(carregaDiv, 1000);
});
})();
$('.fa-bell').on('click', function (){
clearTimeout(intervalo);
$.ajax({
url: "update.php",
complete: function(){
setTimeout(carregaDiv, 1000);
}
});
});
});
</script>
select.php
<?php
require_once 'db.php';
if(!isset($_SESSION))session_start();
if(isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
}
$status = 'unread';
$sql = $conn->prepare("SELECT * FROM noti WHERE status = :status AND
userid = :userid");
$sql->bindParam(':userid', $userid, PDO::PARAM_INT);
$sql->bindParam(':status', $status, PDO::PARAM_STR);
$sql->execute();
$countNT = $sql->rowCount();
echo $countNT;
$conn = null;
?>
update.php
<?php
require_once 'db.php';
if(!isset($_SESSION))session_start();
if(isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
}
$status = 'read';
$sql = $conn->prepare("UPDATE noti SET status = :status WHERE userid = :userid");
$sql->bindParam(':user_id', $userid, PDO::PARAM_INT);
$sql->bindParam(':status', $status, PDO::PARAM_STR);
$sql->execute();
$countNT = $sql->rowCount();
echo $countNT;
$conn = null;
?>
php jquery security ajax
I have this code to display a counter on the side of <i class="fas fa-bell mr-3"></i>
. I want to know if this code is good on security and perfomance.
I just started using jquery and ajax, i had heard people saying that someone could disable the javascript and do bad things. What you guys think about my code?
<div>
<ul class="navbar-nav textoPerfilDesk dropMenuHoverColor">
<li class="nav-item dropdown pr-2 dropleft navbarItem ">
<a class="nav-link dropdown-toggle-fk" href="#" id="navbarDropdownMenuLink" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
<i class="fas fa-bell mr-3"></i>
</a>
<div class="dropdown-menu dropdown-menu-fk py-3" aria-labelledby="navbarDropdownMenuLink">
<a class="dropdown-item dropMNitemNT" href="um-link">
<span class="d-flex">
<img class="imgNT" src="img/1.jpg">
<span class="pl-2 pt-1">
titutlo
</span>
</span>
</a>
</div>
</li>
</ul>
<span class="text-white divCountNT" id="datacount"></span>
</div>
script:
<script>
$(document).ready(function(){
var intervalo, carregaDiv;
(carregaDiv = function(){
$("#datacount").load('select.php', function(){
intervalo = setTimeout(carregaDiv, 1000);
});
})();
$('.fa-bell').on('click', function (){
clearTimeout(intervalo);
$.ajax({
url: "update.php",
complete: function(){
setTimeout(carregaDiv, 1000);
}
});
});
});
</script>
select.php
<?php
require_once 'db.php';
if(!isset($_SESSION))session_start();
if(isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
}
$status = 'unread';
$sql = $conn->prepare("SELECT * FROM noti WHERE status = :status AND
userid = :userid");
$sql->bindParam(':userid', $userid, PDO::PARAM_INT);
$sql->bindParam(':status', $status, PDO::PARAM_STR);
$sql->execute();
$countNT = $sql->rowCount();
echo $countNT;
$conn = null;
?>
update.php
<?php
require_once 'db.php';
if(!isset($_SESSION))session_start();
if(isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
}
$status = 'read';
$sql = $conn->prepare("UPDATE noti SET status = :status WHERE userid = :userid");
$sql->bindParam(':user_id', $userid, PDO::PARAM_INT);
$sql->bindParam(':status', $status, PDO::PARAM_STR);
$sql->execute();
$countNT = $sql->rowCount();
echo $countNT;
$conn = null;
?>
php jquery security ajax
php jquery security ajax
asked Dec 1 at 3:18
515948453225
185
185
(I'd be more inclined to delve into the code if comments, the introduction and, to the extent feasible, the title of this post told who or what is notified how about what.)
– greybeard
Dec 1 at 15:24
add a comment |
(I'd be more inclined to delve into the code if comments, the introduction and, to the extent feasible, the title of this post told who or what is notified how about what.)
– greybeard
Dec 1 at 15:24
(I'd be more inclined to delve into the code if comments, the introduction and, to the extent feasible, the title of this post told who or what is notified how about what.)
– greybeard
Dec 1 at 15:24
(I'd be more inclined to delve into the code if comments, the introduction and, to the extent feasible, the title of this post told who or what is notified how about what.)
– greybeard
Dec 1 at 15:24
add a comment |
1 Answer
1
active
oldest
votes
up vote
1
down vote
accepted
JAVASCRIPT SECURITY
Javascript is running on the client, and is therefore under full control of the user. It can be disabled, inspected, manipulated, and everything else that can done in a programming language. You knew this, didn't you?
Javascript is, almost by definition, insecure. Things that have to do with the security of your site, like validating passwords, should not be done in Javascript. And in your code you don't do anything security related in Javascript. All you do is set a timer running and call two PHP scripts. No risks there.
PHP SECURITY
The PHP scripts are another matter. Here is where things really happen, and you should implement your security measures here. Even though these scripts implement AJAX calls, they can be executed by anybody.
You seem to have users, that can log in. Their user ID is stored in $_SESSION['userid']
. I notice that you don't do anything, in your PHP scripts, when this ID is absent. You still execute the database queries. That is a bad idea.
When the two current PHP scripts are called, without an user ID, they will probably just perform database queries that are invalid. No real harm done. But you shouldn't rely on just pure luck. Good security should leave no doubts about what will happen.
I therefore propose I slight change to your code. Instead of writing this:
if (isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
}
you could write this:
if (!isset($_SESSION['userid'])) die('Not logged in.');
$userid = $_SESSION['userid'];
this means that the PHP scripts will halt execution when there's no user, as they should.
PERFORMANCE
You code is evidently not very efficient. Polling the database every second does not scale very well. There are other ways to do this. For instance with web sockets: https://developer.mozilla.org/en-US/docs/Web/API/Websockets_API ( you would use a combination of the tools mentioned there). Updates will be quicker, without polling.
For now polling will probably be fine for you, after all you're still learning Jquery and that is a challenge in itself. It takes time to understand how everything hangs together.
Lets talk about this paragraphPHP SECURITY
. I useecho
to print out on the screen the HTML code for this notification, and it's all inside aif (!empty($user_id)) {
example: pastebin.com/wmty3PKd is it enough? This way i will not execute the queries if the user is not logged in.
– 515948453225
Dec 4 at 17:23
And i changedintervalo = setTimeout(carregaDiv, 1000);
tointervalo = setTimeout(carregaDiv, 60000);
– 515948453225
Dec 4 at 17:25
1
Yes, as long as you check that there is a valid user, before you do user-related things, it should be fine. Raising the interval of the timer to 60 seconds will certainly help, but the principle won't change. I also noted that you 'chain' your timers, instead of having one timer created withsetInterval()
. Your counter will stop whenever a single connection problem is encountered. In other words: It's not robust.
– KIKO Software
Dec 5 at 8:34
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
accepted
JAVASCRIPT SECURITY
Javascript is running on the client, and is therefore under full control of the user. It can be disabled, inspected, manipulated, and everything else that can done in a programming language. You knew this, didn't you?
Javascript is, almost by definition, insecure. Things that have to do with the security of your site, like validating passwords, should not be done in Javascript. And in your code you don't do anything security related in Javascript. All you do is set a timer running and call two PHP scripts. No risks there.
PHP SECURITY
The PHP scripts are another matter. Here is where things really happen, and you should implement your security measures here. Even though these scripts implement AJAX calls, they can be executed by anybody.
You seem to have users, that can log in. Their user ID is stored in $_SESSION['userid']
. I notice that you don't do anything, in your PHP scripts, when this ID is absent. You still execute the database queries. That is a bad idea.
When the two current PHP scripts are called, without an user ID, they will probably just perform database queries that are invalid. No real harm done. But you shouldn't rely on just pure luck. Good security should leave no doubts about what will happen.
I therefore propose I slight change to your code. Instead of writing this:
if (isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
}
you could write this:
if (!isset($_SESSION['userid'])) die('Not logged in.');
$userid = $_SESSION['userid'];
this means that the PHP scripts will halt execution when there's no user, as they should.
PERFORMANCE
You code is evidently not very efficient. Polling the database every second does not scale very well. There are other ways to do this. For instance with web sockets: https://developer.mozilla.org/en-US/docs/Web/API/Websockets_API ( you would use a combination of the tools mentioned there). Updates will be quicker, without polling.
For now polling will probably be fine for you, after all you're still learning Jquery and that is a challenge in itself. It takes time to understand how everything hangs together.
Lets talk about this paragraphPHP SECURITY
. I useecho
to print out on the screen the HTML code for this notification, and it's all inside aif (!empty($user_id)) {
example: pastebin.com/wmty3PKd is it enough? This way i will not execute the queries if the user is not logged in.
– 515948453225
Dec 4 at 17:23
And i changedintervalo = setTimeout(carregaDiv, 1000);
tointervalo = setTimeout(carregaDiv, 60000);
– 515948453225
Dec 4 at 17:25
1
Yes, as long as you check that there is a valid user, before you do user-related things, it should be fine. Raising the interval of the timer to 60 seconds will certainly help, but the principle won't change. I also noted that you 'chain' your timers, instead of having one timer created withsetInterval()
. Your counter will stop whenever a single connection problem is encountered. In other words: It's not robust.
– KIKO Software
Dec 5 at 8:34
add a comment |
up vote
1
down vote
accepted
JAVASCRIPT SECURITY
Javascript is running on the client, and is therefore under full control of the user. It can be disabled, inspected, manipulated, and everything else that can done in a programming language. You knew this, didn't you?
Javascript is, almost by definition, insecure. Things that have to do with the security of your site, like validating passwords, should not be done in Javascript. And in your code you don't do anything security related in Javascript. All you do is set a timer running and call two PHP scripts. No risks there.
PHP SECURITY
The PHP scripts are another matter. Here is where things really happen, and you should implement your security measures here. Even though these scripts implement AJAX calls, they can be executed by anybody.
You seem to have users, that can log in. Their user ID is stored in $_SESSION['userid']
. I notice that you don't do anything, in your PHP scripts, when this ID is absent. You still execute the database queries. That is a bad idea.
When the two current PHP scripts are called, without an user ID, they will probably just perform database queries that are invalid. No real harm done. But you shouldn't rely on just pure luck. Good security should leave no doubts about what will happen.
I therefore propose I slight change to your code. Instead of writing this:
if (isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
}
you could write this:
if (!isset($_SESSION['userid'])) die('Not logged in.');
$userid = $_SESSION['userid'];
this means that the PHP scripts will halt execution when there's no user, as they should.
PERFORMANCE
You code is evidently not very efficient. Polling the database every second does not scale very well. There are other ways to do this. For instance with web sockets: https://developer.mozilla.org/en-US/docs/Web/API/Websockets_API ( you would use a combination of the tools mentioned there). Updates will be quicker, without polling.
For now polling will probably be fine for you, after all you're still learning Jquery and that is a challenge in itself. It takes time to understand how everything hangs together.
Lets talk about this paragraphPHP SECURITY
. I useecho
to print out on the screen the HTML code for this notification, and it's all inside aif (!empty($user_id)) {
example: pastebin.com/wmty3PKd is it enough? This way i will not execute the queries if the user is not logged in.
– 515948453225
Dec 4 at 17:23
And i changedintervalo = setTimeout(carregaDiv, 1000);
tointervalo = setTimeout(carregaDiv, 60000);
– 515948453225
Dec 4 at 17:25
1
Yes, as long as you check that there is a valid user, before you do user-related things, it should be fine. Raising the interval of the timer to 60 seconds will certainly help, but the principle won't change. I also noted that you 'chain' your timers, instead of having one timer created withsetInterval()
. Your counter will stop whenever a single connection problem is encountered. In other words: It's not robust.
– KIKO Software
Dec 5 at 8:34
add a comment |
up vote
1
down vote
accepted
up vote
1
down vote
accepted
JAVASCRIPT SECURITY
Javascript is running on the client, and is therefore under full control of the user. It can be disabled, inspected, manipulated, and everything else that can done in a programming language. You knew this, didn't you?
Javascript is, almost by definition, insecure. Things that have to do with the security of your site, like validating passwords, should not be done in Javascript. And in your code you don't do anything security related in Javascript. All you do is set a timer running and call two PHP scripts. No risks there.
PHP SECURITY
The PHP scripts are another matter. Here is where things really happen, and you should implement your security measures here. Even though these scripts implement AJAX calls, they can be executed by anybody.
You seem to have users, that can log in. Their user ID is stored in $_SESSION['userid']
. I notice that you don't do anything, in your PHP scripts, when this ID is absent. You still execute the database queries. That is a bad idea.
When the two current PHP scripts are called, without an user ID, they will probably just perform database queries that are invalid. No real harm done. But you shouldn't rely on just pure luck. Good security should leave no doubts about what will happen.
I therefore propose I slight change to your code. Instead of writing this:
if (isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
}
you could write this:
if (!isset($_SESSION['userid'])) die('Not logged in.');
$userid = $_SESSION['userid'];
this means that the PHP scripts will halt execution when there's no user, as they should.
PERFORMANCE
You code is evidently not very efficient. Polling the database every second does not scale very well. There are other ways to do this. For instance with web sockets: https://developer.mozilla.org/en-US/docs/Web/API/Websockets_API ( you would use a combination of the tools mentioned there). Updates will be quicker, without polling.
For now polling will probably be fine for you, after all you're still learning Jquery and that is a challenge in itself. It takes time to understand how everything hangs together.
JAVASCRIPT SECURITY
Javascript is running on the client, and is therefore under full control of the user. It can be disabled, inspected, manipulated, and everything else that can done in a programming language. You knew this, didn't you?
Javascript is, almost by definition, insecure. Things that have to do with the security of your site, like validating passwords, should not be done in Javascript. And in your code you don't do anything security related in Javascript. All you do is set a timer running and call two PHP scripts. No risks there.
PHP SECURITY
The PHP scripts are another matter. Here is where things really happen, and you should implement your security measures here. Even though these scripts implement AJAX calls, they can be executed by anybody.
You seem to have users, that can log in. Their user ID is stored in $_SESSION['userid']
. I notice that you don't do anything, in your PHP scripts, when this ID is absent. You still execute the database queries. That is a bad idea.
When the two current PHP scripts are called, without an user ID, they will probably just perform database queries that are invalid. No real harm done. But you shouldn't rely on just pure luck. Good security should leave no doubts about what will happen.
I therefore propose I slight change to your code. Instead of writing this:
if (isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
}
you could write this:
if (!isset($_SESSION['userid'])) die('Not logged in.');
$userid = $_SESSION['userid'];
this means that the PHP scripts will halt execution when there's no user, as they should.
PERFORMANCE
You code is evidently not very efficient. Polling the database every second does not scale very well. There are other ways to do this. For instance with web sockets: https://developer.mozilla.org/en-US/docs/Web/API/Websockets_API ( you would use a combination of the tools mentioned there). Updates will be quicker, without polling.
For now polling will probably be fine for you, after all you're still learning Jquery and that is a challenge in itself. It takes time to understand how everything hangs together.
edited Dec 4 at 9:30
answered Dec 4 at 9:19
KIKO Software
1,549512
1,549512
Lets talk about this paragraphPHP SECURITY
. I useecho
to print out on the screen the HTML code for this notification, and it's all inside aif (!empty($user_id)) {
example: pastebin.com/wmty3PKd is it enough? This way i will not execute the queries if the user is not logged in.
– 515948453225
Dec 4 at 17:23
And i changedintervalo = setTimeout(carregaDiv, 1000);
tointervalo = setTimeout(carregaDiv, 60000);
– 515948453225
Dec 4 at 17:25
1
Yes, as long as you check that there is a valid user, before you do user-related things, it should be fine. Raising the interval of the timer to 60 seconds will certainly help, but the principle won't change. I also noted that you 'chain' your timers, instead of having one timer created withsetInterval()
. Your counter will stop whenever a single connection problem is encountered. In other words: It's not robust.
– KIKO Software
Dec 5 at 8:34
add a comment |
Lets talk about this paragraphPHP SECURITY
. I useecho
to print out on the screen the HTML code for this notification, and it's all inside aif (!empty($user_id)) {
example: pastebin.com/wmty3PKd is it enough? This way i will not execute the queries if the user is not logged in.
– 515948453225
Dec 4 at 17:23
And i changedintervalo = setTimeout(carregaDiv, 1000);
tointervalo = setTimeout(carregaDiv, 60000);
– 515948453225
Dec 4 at 17:25
1
Yes, as long as you check that there is a valid user, before you do user-related things, it should be fine. Raising the interval of the timer to 60 seconds will certainly help, but the principle won't change. I also noted that you 'chain' your timers, instead of having one timer created withsetInterval()
. Your counter will stop whenever a single connection problem is encountered. In other words: It's not robust.
– KIKO Software
Dec 5 at 8:34
Lets talk about this paragraph
PHP SECURITY
. I use echo
to print out on the screen the HTML code for this notification, and it's all inside a if (!empty($user_id)) {
example: pastebin.com/wmty3PKd is it enough? This way i will not execute the queries if the user is not logged in.– 515948453225
Dec 4 at 17:23
Lets talk about this paragraph
PHP SECURITY
. I use echo
to print out on the screen the HTML code for this notification, and it's all inside a if (!empty($user_id)) {
example: pastebin.com/wmty3PKd is it enough? This way i will not execute the queries if the user is not logged in.– 515948453225
Dec 4 at 17:23
And i changed
intervalo = setTimeout(carregaDiv, 1000);
to intervalo = setTimeout(carregaDiv, 60000);
– 515948453225
Dec 4 at 17:25
And i changed
intervalo = setTimeout(carregaDiv, 1000);
to intervalo = setTimeout(carregaDiv, 60000);
– 515948453225
Dec 4 at 17:25
1
1
Yes, as long as you check that there is a valid user, before you do user-related things, it should be fine. Raising the interval of the timer to 60 seconds will certainly help, but the principle won't change. I also noted that you 'chain' your timers, instead of having one timer created with
setInterval()
. Your counter will stop whenever a single connection problem is encountered. In other words: It's not robust.– KIKO Software
Dec 5 at 8:34
Yes, as long as you check that there is a valid user, before you do user-related things, it should be fine. Raising the interval of the timer to 60 seconds will certainly help, but the principle won't change. I also noted that you 'chain' your timers, instead of having one timer created with
setInterval()
. Your counter will stop whenever a single connection problem is encountered. In other words: It's not robust.– KIKO Software
Dec 5 at 8:34
add a comment |
Thanks for contributing an answer to Code Review Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
Use MathJax to format equations. MathJax reference.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcodereview.stackexchange.com%2fquestions%2f208803%2fnotification-system-using-phpjqueryajax%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
(I'd be more inclined to delve into the code if comments, the introduction and, to the extent feasible, the title of this post told who or what is notified how about what.)
– greybeard
Dec 1 at 15:24