beachersaussie

BUMP

bump

bump

I just realised ive so put this in the wrong place Not where I intended ... any ways admins feel free to move

How do I setup my DNS so it automatically takes a user to a cheap hosted "WEBSITE IS DOWN" page if the other DNS server go down? I do remember reading about it some where but cant remember where. Thanks

bump

bump (I also fail to see how this is AJAX specific ... anyway)

Absolutely nobody?

Hello PHPFreakers, Ive built a webpage dashboard that allows you to add "widgets" much like iGoogle (or Geckoboard - on an interface level). Now iGoogle (as does Facebook) uses iFrames to serve up these 3rd-party Apps or widgets. From my research they do this because it makes the Apps more "secure" in the fact they cannot directly access the sessions and cookies set on the igoogle or facebook domain and instead are forced to use the full API process, also helping guard against apps changing the user_id cookie and therefore allowing API access to other data. Now, from my point of view this is somewhat restrictive because: I allow full screen apps, if I was to use iFrame the navigation or control bar would have to be appended to the main BODY of the site as it could not be injected into the iFrame. So what happens when the App/Widget needs to add controls to said bar ... it can't. If you were to add the bar to the iFrame, the site then cannot inject the control bar with the options (forcing a developer to use them). Any ideas on how any/all of this could be overcome? I know of jquery.append and load but would this all really be that secure and safe given all of the above? And why do iGoogle and Facebook then not use these technologies? Look forward to discussing more with all of you [side note: Widgets must be pre-approved, same for updates, must use an oAuth/RESTful API and conform to certain standards. - Just in case that is any use when discussing ] Thanks

I dont feel this belongs here, so Im going away to think it over and come back soon. Ignace, feel free please to offer your advice again

Also @ignace, What if they redefined the cookie for active user (which fb & twitter use the same as i do) this would give acces to other peoples stuff? yes?

Not sure why this was shifted as it is a fairly broad topic, encompassing iframe, jquery, ajax and PHP - all options are still open. Anyways, look forward to more advice

@ignace, All the data handling is done via an API, so they could not hook into a PHP function to get a users data, it would have to go via the API, the only cookie stored is one to confirm they are logged in. So it would allow the most creativity, freedom and still allow security (given the above) if I user jQuery/AJAX loads rather than iframe? Although how would adding CSS sheets and jquery plugins go? Thanks

I am building a website that allows full-screen apps. Basically I have two thoughts: 1. iframes (like Facebook) 2. jquery.load The advantage of jquery.load is i can have a consistent navigation and get the app to append into it (will be a sliding out sidebar). Unlike the iframe, I would have to rely on the developer to implement a standard navigation etc. Would 2 be secure? Noting my whole site being powered by its own API (similar to twitter is). Or would it be best to try and develop some form of framework developers must adhere to and check all apps against it (similar to Apple) (and use iframes - like Facebook)? Or has someone got an even better idea. Hope that all makes some sense