Jump to content
ajoo

GHOST message !

Recommended Posts

Hi all !

I have an ajax page which is working great when it is in the root folder. It is triggered when a certain values dips below a predefined value while a valid user is logged in. The page is simply a form with a drop down and a text box and a message bar at the bottom. The message displays appropriate success or false messages. Everything works good.

However I wanted to move the ajax.php into the includes folder outside of the webroot and I did so. The form still works great but the message bar returns my messages embedded somewhere inside entire index.html loaded so far. There are no errors or access errors. The message returned is equated to an empty string at the beginning inside the ajax.php and then populated with the appropriate message which is echoed back.

I simply cannot make out where it is picking up the entire index.HTML from and more importantly why ?

Please help.

Thanks.

Share this post


Link to post
Share on other sites
Posted (edited)

Hi Requinix,

:confused: What's that supposed to mean please! ? 😃

Ok So I know somewhat the issue that is. It's happening because I had to change the action value of my form to pass through a GET value as variable to my index file where as earlier it was the ajax.php itself. To be more clear, earlier I had action = "ajax.php ", but now with the file in the includes folder outside the root, it's index.php?page=ajax.

But with the file outside the root, i need this. Correct? So please enlighten me how may I fix this to get only the desired output returned?

You think i am worrying too much about security ? Like it's ok to let the files be in the root and not move them outside it?

Thanks !

Edited by ajoo

Share this post


Link to post
Share on other sites

It means that you may have given some information but you didn't give the sorts of details that make it possible to actually answer your question.

So generic answer:

If your file needs to be web accessible then you can't move it out of the web root and expect it to keep working. Either keep it where it is, or find a way to instruct your web server and/or PHP that it should send specific requests to that otherwise-inaccessible file.

Share this post


Link to post
Share on other sites

Hi requinix,

Thanks for clarifying that.

In my previous reply I have mentioned that I am able to access the ajax file in includes (outside the root) using a get variable. If I was just to go by the success or failure message returned by the ajax function, I would be good because the ajax call does what it's supposed to do and works great. However the issue is that the return value received by this method is the complete index.html while I just wanted a custom message to be returned signalling failure or success. I have no clue how I may be able to return just the message and not the whole index.html. I was hoping you would be able to show me how that could be done or not. ( my custom messages are also returned embedded in the index.html)

Thanks.

Share this post


Link to post
Share on other sites

Then apparently your "get variable" tactic isn't going to work. You'll have to do something else.

Show you what to do? Sure. Come take a look at my computer - I've got the answer right here up on the screen.

Share this post


Link to post
Share on other sites

HI Requinix,

 I meant a pointer in the right direction. Since the get variable tactic is returning the wrong result and I have no clue, as of now, how to proceed maybe you can tell me what else I could try. 

Thanks !

Share this post


Link to post
Share on other sites

Not move ajax.php?

Why did you need to move it in the first place?

Share this post


Link to post
Share on other sites

Well I moved the ajax.php outside the root simply because I think that would be a safer place for the code or at least as much as can be moved there. I may be wrong. There are some mixed responses on this on the net.

What would you suggest ? See I am unsure and so I am asking.

Thanks.

 

Share this post


Link to post
Share on other sites

It's... no, moving it outside the root isn't going to change anything for the better. If the script needs to be run at user request, like yours, then moving it outside the root is irrelevant.

The only reason for files to be outside the root is so that the user can't plug in some URL into their browser and execute files they aren't supposed to. But here, you want the user to execute ajax.php. So not only is there no point to moving it, you're actually hurting yourself in the process.

Leave it where it was. It's fine.

  • Thanks 1

Share this post


Link to post
Share on other sites

😃 Super !

I'll leave it at that then. Thanks a ton !

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.