[SOLVED] Controlling Access to Javascript after AJAX Responses

[ialsoagree]

I want to be able to dynamically control access to different sections of javascript after AJAX responses. While not necessary for security (since checking is done server side anyway) I want to be able to remove/make different parts of javascript available to a user based on their AJAX actions on a single page.

 

For example, if a user logs in (they log in through AJAX) I want certain pieces of javascript to become available to them. If they then log out (also through AJAX) I want to then disable that javascript.

 

Is it possible to have this type of dynamic control over what javascript the browser can execute without reloading the page (IE. can I use javascript to write/delete other javascript?).

 

My original thought was to include an external javascript file and have it reload after each AJAX response. The external javascript file would be written by PHP dynamically and only contain what javascript the user should have access to. But this doesn't appear to be a solution (or if it is, I'm not sure how to implement it).

 

Any suggestions would be appreciated.

[ialsoagree]

It seems a better solution is just going to be to output all the javascript to the user (regardless of whether or not it should be accessible) and let the server do all the error checking. In thinking through the problem, this should not only save me work, but save the program work instead of trying to have it control what javascript is and isn't available at any given time.

[haku]

Set variables for each block of javascript. Give them a default, and change that default when necessary. Check the setting before executing the piece of code. Ex:

 

<script type="text/javascript">
var blockA = true
function blockAFunction()
{
  if(blockA)
  {
    var target = document.getElementById("target")
    target.onclick = function()
    {
      alert("this worked")
    }
    blockA = false
  }
}

</script>

 

HTML:

<div id="target">Click me</div>

 

The first time you click the div, the alert will pop up. The second time it won't. By setting the variables outside the scope of the function, they become global and available to all functions on the page. So you can use other functions to set blockA back to true or what not.

[ialsoagree]

Thanks for the suggestion. I also thought about saving the functions to variables, and then setting the variables to 0 when a user shouldn't have access to them. But in the end I realized that for my problem, all this work just doesn't make a lot of sense. It's better for me to just write all that javascript out that a page could possibly need and let the server deal with any problems.

 

Buttons and links that call those javascripts are hidden/removed when they can't be used, so if an error occurs and one of them isn't hidden or removed it's better the process go through and the webpage automatically log it (and if someone tries to abuse the system, that can also be logged).

 

Thanks again though, appreciate the response.