#1
  1. A Change of Season
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Mar 2004
    Location
    Next Door
    Posts
    3,558
    Rep Power
    221

    Is it safe to let users update the database like this?


    Hi;

    Quick PHP-Ajax question.

    My main concern is "too many calls". Like they make a script and pound my page. Should I limit them to X updates per minute maybe?


    • It will be only for logged in users
    • Drag a div from top right corner and sort them ===> Demo <===
    • Any other concerns?
    • Thanks



    Code:
    $( function() {
        $( "#page_items" ).sortable({
            update: function( ) {
                var sort = 0;
                $('.main_block').each(function() {
                    var new_id = this.id;
                    new_id = new_id.slice(0, -4);
                    sort = sort+"-"+new_id;
                });
                $('.elements_sort').val(sort);
                var url = '<?php echo base_url('update_sort');?>';
                $.ajax({
                    type: "POST",
                    url: url,
                    data: $("#sortable_form").serialize(),
                    success: function(data) {
                        //alert('Sorted');
                    }
                });
            }
        });
    });
    PHP Code:
    class Update_sort extends CI_Controller {

        public function index()
        {
            if (!$this->plc_library->is_this_plc_owner($_POST['item_id']))
            {
                exit();  //I'm aware this is not the best
            }

            $elements_sort = $_POST['elements_sort'];
            $data = array();
            $sort = array();  // rows for update_batch; stays empty if no valid id is sent
            if (strlen($elements_sort) > 1)
            {
                $pieces = explode("-", $elements_sort);
                $count = 0;
                foreach ($pieces as $val => $row)
                {
                    $count++;
                    // keep positive numeric ids only (drops the leading "0" the script sends)
                    if (is_numeric($row) && $row > 0)
                    {
                        $sort[] = array('id' => $row, 'element_sort' => $count);
                    }
                }
                // update_batch needs at least one row
                if (!empty($sort))
                {
                    $this->db->update_batch('launch_page_elements', $sort, 'id');
                }
            }
            http_response_code(200);
        }
    }

  2. #2
  3. Backwards Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    16,905
    Rep Power
    9646
    You don't have to. Can if you want. If you don't trust your users to be normal users. But then you'd have to apply the same logic to every other place you update the database as a result of user actions.
  4. #3
  5. A Change of Season
    Originally Posted by requinix
    You don't have to. Can if you want. If you don't trust your users to be normal users. But then you'd have to apply the same logic to every other place you update the database as a result of user actions.
    Would you usually do it if you were making a site for the public?
  6. #4
  7. Wiser? Not exactly.
    Devshed God 2nd Plane (6000 - 6499 posts)

    Join Date
    May 2001
    Location
    Bonita Springs, FL
    Posts
    6,274
    Rep Power
    4193
    Originally Posted by English Breakfast Tea
    Would you usually do it if you were making a site for the public?
    I probably wouldn't bother, seems like a lot of effort for little reward. One would probably be better off working on some kind of overall health monitoring setup so you can monitor for problems in general, then if a problem shows up look into why by examining logs. If you find some user has been abusive, then ban them (either permanently or temporarily).
  8. #5
  9. A Change of Season
    Thank you.

    Ideas on overall health monitoring setup?
  10. #6
  11. Backwards Moderator
    Logging and stuff to monitor the logging. No particular examples, just whatever you need as you need it.
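
The per-user limit asked about in the first post ("X updates per minute"), as an added example that is not part of the original thread or of anyone's posted code: a sliding-window check written as a pure function, with the CodeIgniter wiring shown in comments. The function name `rate_limit_check`, the `sort_hits` session key and the limit of 10 updates per 60 seconds are assumptions.

```php
<?php
// Added example (not from the thread). rate_limit_check(), the 'sort_hits'
// session key and the 10-per-60-seconds limit are assumptions for illustration.

/**
 * Sliding-window limiter: allow at most $limit hits in any $window seconds.
 *
 * @param float[] $hits timestamps of this user's previously accepted updates
 * @return array [bool $allowed, float[] $hitsToStoreBack]
 */
function rate_limit_check(array $hits, float $now, int $limit, int $window): array
{
    // Forget hits that have aged out of the window.
    $hits = array_values(array_filter($hits, function ($t) use ($now, $window) {
        return $t > $now - $window;
    }));
    if (count($hits) >= $limit) {
        return [false, $hits];   // rejected calls are not recorded
    }
    $hits[] = $now;
    return [true, $hits];
}

// Wiring inside Update_sort::index(), after the ownership check (assumes the
// CodeIgniter 3 session library is loaded):
//   $hits = $this->session->userdata('sort_hits') ?: array();
//   list($ok, $hits) = rate_limit_check($hits, microtime(true), 10, 60);
//   $this->session->set_userdata('sort_hits', $hits);
//   if (!$ok) { http_response_code(429); exit(); }

// Constructed demo: a script firing 12 updates 0.5 s apart, then one more
// request after most of the earlier hits have left the window.
$hits = array();
$results = array();
foreach (range(0, 11) as $i) {
    list($ok, $hits) = rate_limit_check($hits, 1000.0 + $i * 0.5, 10, 60);
    $results[] = $ok ? 'ok' : '429';
}
list($ok, $hits) = rate_limit_check($hits, 1061.0, 10, 60);
$results[] = $ok ? 'ok' : '429';
echo implode(' ', $results), PHP_EOL;
```

Session storage starts empty whenever the same account opens a new session, so keying the timestamps by user id in a shared store (a database row or cache entry) is the stricter variant.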
