Last active
August 29, 2015 14:10
-
-
Save dennisdegryse/7a8c3e7891693a5e22cb to your computer and use it in GitHub Desktop.
ajax.php
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| require_once("ajax_table.class.php"); | |
| // [dennis] rename your object from ajax_table to AjaxTable (conventions) | |
| // [dennis] rename your object to AjaxRepository (semantics) | |
| $obj = new ajax_table(); | |
| // [dennis] use the $_SERVER variable to determine the request method. | |
| if($_SERVER['REQUEST_METHOD'] == 'POST') { | |
| // whats the action ?? | |
| // [dennis] check whether an action is given | |
| if (array_key_exists('action', $_POST)) { | |
| $action = $_POST['action']; | |
| // remove 'action' key from array, we no longer need it | |
| // [dennis] Garbage collection is for low-level languages. Save the CPU cycles and memory operations by leaving it. | |
| // [dennis] extract these two mappings out of the cases since they apply to all cases. | |
| // Never ever believe on end user, he could be a evil minded | |
| // [dennis] don't assume all parameters are strings | |
| // [dennis] don't use mysql_*, use mysqli_ or PDO | |
| // [dennis] don't escape strings, use prepared statements | |
| $escapedPost = array_map('mysql_real_escape_string', $_POST); | |
| // [dennis] don't map to html entities for storage. Use it for views | |
| $escapedPost = array_map('htmlentities', $escapedPost); | |
| // [dennis] you want to make a separate function for each action with the exact parameters that are needed to formalize your interface. | |
| if($action == "save"){ | |
| $res = $obj->save($escapedPost); | |
| if($res){ | |
| /* $escapedPost["success"] = "1"; | |
| $escapedPost["id"] = $res; | |
| echo json_encode($escapedPost); */ | |
| echo json_encode(array("success" => "1","id" => $res)); | |
| } | |
| else | |
| echo $obj->error("save"); | |
| }else if($action == "del"){ | |
| $id = $_POST['rid']; | |
| $res = $obj->delete_record($id); | |
| if($res) | |
| echo json_encode(array("success" => "1","id" => $id)); | |
| else | |
| echo $obj->error("delete"); | |
| } | |
| else if($action == "update"){ | |
| $id = $obj->update_record($escapedPost); | |
| if($id) | |
| echo json_encode(array_merge(array("success" => "1","id" => $id),$escapedPost)); | |
| else | |
| echo $obj->error("update"); | |
| } | |
| else if($action == "updatetd"){ | |
| $id = $obj->update_column($escapedPost); | |
| if($id) | |
| echo json_encode(array_merge(array("success" => "1","id" => $id),$escapedPost)); | |
| else | |
| echo $obj->error("updatetd"); | |
| } | |
| } else { | |
| // No action specified! | |
| } | |
| } | |
| ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment