Notification system using PHP+jQuery+Ajax
up vote
0
down vote
favorite
I have this code to display a counter on the side of <i class="fas fa-bell mr-3"></i>. I want to know if this code is good on security and perfomance.
I just started using jquery and ajax, i had heard people saying that someone could disable the javascript and do bad things. What you guys think about my code?
<div>
<ul class="navbar-nav textoPerfilDesk dropMenuHoverColor">
<li class="nav-item dropdown pr-2 dropleft navbarItem ">
<a class="nav-link dropdown-toggle-fk" href="#" id="navbarDropdownMenuLink" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
<i class="fas fa-bell mr-3"></i>
</a>
<div class="dropdown-menu dropdown-menu-fk py-3" aria-labelledby="navbarDropdownMenuLink">
<a class="dropdown-item dropMNitemNT" href="um-link">
<span class="d-flex">
<img class="imgNT" src="img/1.jpg">
<span class="pl-2 pt-1">
titutlo
</span>
</span>
</a>
</div>
</li>
</ul>
<span class="text-white divCountNT" id="datacount"></span>
</div>
script:
<script>
$(document).ready(function(){
var intervalo, carregaDiv;
(carregaDiv = function(){
$("#datacount").load('select.php', function(){
intervalo = setTimeout(carregaDiv, 1000);
});
})();
$('.fa-bell').on('click', function (){
clearTimeout(intervalo);
$.ajax({
url: "update.php",
complete: function(){
setTimeout(carregaDiv, 1000);
}
});
});
});
</script>
select.php
<?php
require_once 'db.php';
if(!isset($_SESSION))session_start();
if(isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
}
$status = 'unread';
$sql = $conn->prepare("SELECT * FROM noti WHERE status = :status AND
userid = :userid");
$sql->bindParam(':userid', $userid, PDO::PARAM_INT);
$sql->bindParam(':status', $status, PDO::PARAM_STR);
$sql->execute();
$countNT = $sql->rowCount();
echo $countNT;
$conn = null;
?>
update.php
<?php
require_once 'db.php';
if(!isset($_SESSION))session_start();
if(isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
}
$status = 'read';
$sql = $conn->prepare("UPDATE noti SET status = :status WHERE userid = :userid");
$sql->bindParam(':user_id', $userid, PDO::PARAM_INT);
$sql->bindParam(':status', $status, PDO::PARAM_STR);
$sql->execute();
$countNT = $sql->rowCount();
echo $countNT;
$conn = null;
?>
php jquery security ajax
asked 16 mins ago
515948453225
1
New contributor
515948453225 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
up vote
0
down vote
favorite
I have this code to display a counter on the side of <i class="fas fa-bell mr-3"></i>. I want to know if this code is good on security and perfomance.
I just started using jquery and ajax, i had heard people saying that someone could disable the javascript and do bad things. What you guys think about my code?
<div>
<ul class="navbar-nav textoPerfilDesk dropMenuHoverColor">
<li class="nav-item dropdown pr-2 dropleft navbarItem ">
<a class="nav-link dropdown-toggle-fk" href="#" id="navbarDropdownMenuLink" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
<i class="fas fa-bell mr-3"></i>
</a>
<div class="dropdown-menu dropdown-menu-fk py-3" aria-labelledby="navbarDropdownMenuLink">
<a class="dropdown-item dropMNitemNT" href="um-link">
<span class="d-flex">
<img class="imgNT" src="img/1.jpg">
<span class="pl-2 pt-1">
titutlo
</span>
</span>
</a>
</div>
</li>
</ul>
<span class="text-white divCountNT" id="datacount"></span>
</div>
script:
<script>
$(document).ready(function(){
var intervalo, carregaDiv;
(carregaDiv = function(){
$("#datacount").load('select.php', function(){
intervalo = setTimeout(carregaDiv, 1000);
});
})();
$('.fa-bell').on('click', function (){
clearTimeout(intervalo);
$.ajax({
url: "update.php",
complete: function(){
setTimeout(carregaDiv, 1000);
}
});
});
});
</script>
select.php
<?php
require_once 'db.php';
if(!isset($_SESSION))session_start();
if(isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
}
$status = 'unread';
$sql = $conn->prepare("SELECT * FROM noti WHERE status = :status AND
userid = :userid");
$sql->bindParam(':userid', $userid, PDO::PARAM_INT);
$sql->bindParam(':status', $status, PDO::PARAM_STR);
$sql->execute();
$countNT = $sql->rowCount();
echo $countNT;
$conn = null;
?>
update.php
<?php
require_once 'db.php';
if(!isset($_SESSION))session_start();
if(isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
}
$status = 'read';
$sql = $conn->prepare("UPDATE noti SET status = :status WHERE userid = :userid");
$sql->bindParam(':user_id', $userid, PDO::PARAM_INT);
$sql->bindParam(':status', $status, PDO::PARAM_STR);
$sql->execute();
$countNT = $sql->rowCount();
echo $countNT;
$conn = null;
?>
php jquery security ajax
asked 16 mins ago
515948453225
1
New contributor
515948453225 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I have this code to display a counter on the side of <i class="fas fa-bell mr-3"></i>. I want to know if this code is good on security and perfomance.
I just started using jquery and ajax, i had heard people saying that someone could disable the javascript and do bad things. What you guys think about my code?
<div>
<ul class="navbar-nav textoPerfilDesk dropMenuHoverColor">
<li class="nav-item dropdown pr-2 dropleft navbarItem ">
<a class="nav-link dropdown-toggle-fk" href="#" id="navbarDropdownMenuLink" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
<i class="fas fa-bell mr-3"></i>
</a>
<div class="dropdown-menu dropdown-menu-fk py-3" aria-labelledby="navbarDropdownMenuLink">
<a class="dropdown-item dropMNitemNT" href="um-link">
<span class="d-flex">
<img class="imgNT" src="img/1.jpg">
<span class="pl-2 pt-1">
titutlo
</span>
</span>
</a>
</div>
</li>
</ul>
<span class="text-white divCountNT" id="datacount"></span>
</div>
script:
<script>
$(document).ready(function(){
var intervalo, carregaDiv;
(carregaDiv = function(){
$("#datacount").load('select.php', function(){
intervalo = setTimeout(carregaDiv, 1000);
});
})();
$('.fa-bell').on('click', function (){
clearTimeout(intervalo);
$.ajax({
url: "update.php",
complete: function(){
setTimeout(carregaDiv, 1000);
}
});
});
});
</script>
select.php
<?php
require_once 'db.php';
if(!isset($_SESSION))session_start();
if(isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
}
$status = 'unread';
$sql = $conn->prepare("SELECT * FROM noti WHERE status = :status AND
userid = :userid");
$sql->bindParam(':userid', $userid, PDO::PARAM_INT);
$sql->bindParam(':status', $status, PDO::PARAM_STR);
$sql->execute();
$countNT = $sql->rowCount();
echo $countNT;
$conn = null;
?>
update.php
<?php
require_once 'db.php';
if(!isset($_SESSION))session_start();
if(isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
}
$status = 'read';
$sql = $conn->prepare("UPDATE noti SET status = :status WHERE userid = :userid");
$sql->bindParam(':user_id', $userid, PDO::PARAM_INT);
$sql->bindParam(':status', $status, PDO::PARAM_STR);
$sql->execute();
$countNT = $sql->rowCount();
echo $countNT;
$conn = null;
?>
php jquery security ajax
asked 16 mins ago
515948453225
1
New contributor
515948453225 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
I have this code to display a counter on the side of <i class="fas fa-bell mr-3"></i>. I want to know if this code is good on security and perfomance.
I just started using jquery and ajax, i had heard people saying that someone could disable the javascript and do bad things. What you guys think about my code?
<div>
<ul class="navbar-nav textoPerfilDesk dropMenuHoverColor">
<li class="nav-item dropdown pr-2 dropleft navbarItem ">
<a class="nav-link dropdown-toggle-fk" href="#" id="navbarDropdownMenuLink" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
<i class="fas fa-bell mr-3"></i>
</a>
<div class="dropdown-menu dropdown-menu-fk py-3" aria-labelledby="navbarDropdownMenuLink">
<a class="dropdown-item dropMNitemNT" href="um-link">
<span class="d-flex">
<img class="imgNT" src="img/1.jpg">
<span class="pl-2 pt-1">
titutlo
</span>
</span>
</a>
</div>
</li>
</ul>
<span class="text-white divCountNT" id="datacount"></span>
</div>
script:
<script>
$(document).ready(function(){
var intervalo, carregaDiv;
(carregaDiv = function(){
$("#datacount").load('select.php', function(){
intervalo = setTimeout(carregaDiv, 1000);
});
})();
$('.fa-bell').on('click', function (){
clearTimeout(intervalo);
$.ajax({
url: "update.php",
complete: function(){
setTimeout(carregaDiv, 1000);
}
});
});
});
</script>
select.php
<?php
require_once 'db.php';
if(!isset($_SESSION))session_start();
if(isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
}
$status = 'unread';
$sql = $conn->prepare("SELECT * FROM noti WHERE status = :status AND
userid = :userid");
$sql->bindParam(':userid', $userid, PDO::PARAM_INT);
$sql->bindParam(':status', $status, PDO::PARAM_STR);
$sql->execute();
$countNT = $sql->rowCount();
echo $countNT;
$conn = null;
?>
update.php
<?php
require_once 'db.php';
if(!isset($_SESSION))session_start();
if(isset($_SESSION['userid'])) {
$userid = $_SESSION['userid'];
}
$status = 'read';
$sql = $conn->prepare("UPDATE noti SET status = :status WHERE userid = :userid");
$sql->bindParam(':user_id', $userid, PDO::PARAM_INT);
$sql->bindParam(':status', $status, PDO::PARAM_STR);
$sql->execute();
$countNT = $sql->rowCount();
echo $countNT;
$conn = null;
?>
php jquery security ajax
php jquery security ajax
asked 16 mins ago
515948453225
1
New contributor
515948453225 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 16 mins ago
515948453225
1
New contributor
515948453225 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 16 mins ago
515948453225
1
New contributor
515948453225 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 16 mins ago
515948453225
1
asked 16 mins ago
515948453225
1
1
New contributor
515948453225 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
515948453225 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
515948453225 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
515948453225 is a new contributor. Be nice, and check out our Code of Conduct.
draft saved
draft discarded
515948453225 is a new contributor. Be nice, and check out our Code of Conduct.
515948453225 is a new contributor. Be nice, and check out our Code of Conduct.
515948453225 is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Code Review Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
Use MathJax to format equations. MathJax reference.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcodereview.stackexchange.com%2fquestions%2f208803%2fnotification-system-using-phpjqueryajax%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
