history.go(0); doesn't not work

[namemattersnot]

I have a SAJAX login authentication script that, if the the correct
password is provided, returns "history.go(0)" to the page and I then
use "eval()" on the returned data to refresh it.

If the requested page has # in it (http://localhost/whatever/#), it
refreshes in Internet Explorer but not in Firefox. Any ideas why? Is
there a better way to refresh it?

Thanks.

 

[Randy Webb]

(e-mail address removed) said the following on 2/24/2006 10:49 AM:

I have a SAJAX login authentication script that,

What is "SAJAX"? I hope it's not Secure AJAX as nothing is secure about
AJAX. Or Scripting for that matter.

if the the correct password is provided, returns "history.go(0)" to
the page and I then use "eval()" on the returned data to refresh it.

You have my profound apologies that no one ever bothered to teach you
better than that. If you paid for the education that taught you that,
request a refund (if not demand it).

If the requested page has # in it (http://localhost/whatever/#), it
refreshes in Internet Explorer but not in Firefox. Any ideas why?

No music comes out of my speakers, any ideas why? The point is, you
aren't giving enough information. But that is not the problem. The
problem is that you are using the wrong approach to logging in.

Is there a better way to refresh it?

Yes. Use a form, submit the form, let the server return the appropriate
page.

 

[namemattersnot]

What is "SAJAX"? I hope it's not Secure AJAX as nothing is secure about

AJAX. Or Scripting for that matter.

1. http://www.modernmethod.com/sajax/
2. the AJAX method is as "secure" as any "form submission". used with
SSL and a properly coded server script, there are no security concerns

You have my profound apologies that no one ever bothered to teach you
better than that. If you paid for the education that taught you that,
request a refund (if not demand it).

this is my first time using JS and the ONLY reason why i would use it
is to work with XMLHTTPRequest.

No music comes out of my speakers, any ideas why? The point is, you
aren't giving enough information. But that is not the problem. The
problem is that you are using the wrong approach to logging in.

1. works fine in Internet Explorer
2. authentication is for everything beyond the /whatever/ point. "#"
just happens to be the
page requested by a user. regardless, "#12" or any other anchor value
doesn't work either.

Yes. Use a form, submit the form, let the server return the appropriate
page.

this is not the design that I have for this particular feature.
everything works except for that refresh problem and instead of
suggesting a better solution to refresh the page (e.g. using "header"
and whatnot), you try to be all witty, yet fail miserably at it.

 

[Randy Webb]

(e-mail address removed) said the following on 2/24/2006 3:33 PM:

1. http://www.modernmethod.com/sajax/

http://www.ajaxtoolbox.com/

Will give you the same benefits, with an added one. Its free and it's
author post in this very newsgroup.

2. the AJAX method is as "secure" as any "form submission". used with
SSL and a properly coded server script, there are no security concerns

I disagree but it's irrelevant.

this is my first time using JS and the ONLY reason why i would use it
is to work with XMLHTTPRequest.

Nothing wrong with that. It's the use of eval that is the problem.
Especially when it's not needed. If you are returning script content to
the browser then create a dynamic Script element, insert the script
contents, and let the browser execute it.

1. works fine in Internet Explorer

Internet Explorer isn't a good base reference for what works on the web
though.

2. authentication is for everything beyond the /whatever/ point. "#"
just happens to be the page requested by a user. regardless, "#12" or
any other anchor value doesn't work either.

If the script returns history.go(0) then it should refresh the browser.
If you don't want the page refreshed (which is what SAJAX's main selling
point appeared to me to be) then don't. Just set the
document.location.hash property. Not sure what your purpose of using the
hash is for though :\

Both of which truly defeat the purpose of the "AJAX" phenomenon -
non-refreshing browsing.

this is not the design that I have for this particular feature.
everything works except for that refresh problem and instead of
suggesting a better solution to refresh the page (e.g. using "header"
and whatnot), you try to be all witty, yet fail miserably at it.

I was not being witty, straight forward and honest.

If you are experimenting with AJAX then you at least need to know it's
limitations though.

 

[namemattersnot]

Randy,

http://www.ajaxtoolbox.com/

Will give you the same benefits, with an added one. Its free and it's
author post in this very newsgroup.

Thanks for the suggestion -- it does looks good but more of JS instead
of PHP/JS implementation.

I disagree but it's irrelevant.

Tell this google whose AJAX authentication you use to sign in to post
in this newsgroup Again, nothing is secure.

Internet Explorer isn't a good base reference for what works on the web
though.


If the script returns history.go(0) then it should refresh the browser.
If you don't want the page refreshed (which is what SAJAX's main selling
point appeared to me to be) then don't. Just set the
document.location.hash property. Not sure what your purpose of using the
hash is for though :\

Here is how my script functions:

Everything within a restricted zone is filtered through index.php that
checks for a registered session. If none is found, it feeds you a login
page (mind you, the URL does not change: so, if you initially opened
http://xxx.com/yy/ then that's where you will get the login). As you
type your password, it is automatically checked by the server script
(AJAX method) against the correct one in the DB. If the password
matches, the server script registers the session and returns
"history.go" to the the browser. If the page is now refreshed, whatever
it is that you initially requested will be fed to you.

I do understand that eval() is not the preferred method, but I do not
know any better method since if I return a JS code in my dynamic
content (by changing DIV's innerHTML), it is not automatically
executed. And all I need to do is to refresh my page. I can return a
var "security = OK" (or some other response) or I can return that
"history()" and run eval on it.

Cheers.

 

[Randy Webb]

(e-mail address removed) said the following on 2/25/2006 11:52 AM:

Randy,


Thanks for the suggestion -- it does looks good but more of JS instead
of PHP/JS implementation.

It is. The server-side part is up to you, the AjaxToolbox covers the
client side.

Tell this google whose AJAX authentication you use to sign in to post
in this newsgroup Again, nothing is secure.

I would, except, I don't use Google to post to this newsgroup so I don't
use AJAX to authenticate to post in this newsgroup

Here is how my script functions:

Everything within a restricted zone is filtered through index.php that
checks for a registered session. If none is found, it feeds you a login
page (mind you, the URL does not change: so, if you initially opened
http://xxx.com/yy/ then that's where you will get the login). As you
type your password, it is automatically checked by the server script
(AJAX method) against the correct one in the DB.

Wow. Sounds like Google's smart thingy. But its overkill Only need to
connect to the server once, not every time I press a key but as a
learning exercise, OK

If the password

matches, the server script registers the session and returns
"history.go" to the the browser. If the page is now refreshed, whatever
it is that you initially requested will be fed to you.

document.location.reload();

Should do what you want.

I do understand that eval() is not the preferred method, but I do not
know any better method since if I return a JS code in my dynamic
content (by changing DIV's innerHTML), it is not automatically
executed. And all I need to do is to refresh my page. I can return a
var "security = OK" (or some other response) or I can return that
"history()" and run eval on it.

var security = true;

if (security){
document.location.reload();
}
else{
authenticate();
}

Where authenticate() would authenticate the user.

I just don't see the need to make your login dependent on JS when it
isn't required. User fills in a form, user submits form, server
authenticates, returns new page. And all that can be done with a single
page.

AJAX is also one of the least widely supported methods for doing what
you are doing.