• On the homepage I have some links:

    <a class="link" data-id="1">first link</a>
    <a class="link" data-id="2">second link</a>
    <a class="link" data-id="3">third link</a>

    When one of these links is clicked, I want to send an AJAX request to a PHP file to update the database and increase the views column of that post.

    $(document).ready(function(){
        $(document).on('click', '.link', function(e){
    
            var post_id = $(this).data('id');
    
            $.ajax({ 
                url: "views.php",
                type: 'POST',
                data: {id: post_id},
                success: function(){
                    alert("done");
                }
            }); // ajax
    
        }); // on click
    
    }); // ready

    In views.php:

    //Check if the id is posted.
    if( isset($_POST['id']) ){
    
        //Assigning the id to a variable.
        $id = $_POST['id'];
    
        //Check if the id is an integer (digits only, anchored to the whole string).
        $pattern = '/^[0-9]+$/';
        if( preg_match($pattern, $id) ){
    
            //Check that the user didn't visit that post before.
            $post_cookie = 'p_' . $id;
            if( !isset($_COOKIE[$post_cookie]) ){
    
                //Insert or update if the post id exists.
                $query = $conn->prepare('INSERT INTO posts (id, views) VALUES (:id, 1) ON DUPLICATE KEY UPDATE views = views+1');
                $query->bindValue(':id', $id, PDO::PARAM_INT);
                $query->execute();
    
                //Set a cookie with the post id to indicate that the post is viewed.
                setcookie( $post_cookie, '1');
    
            }// No cookie with that name (the user didn't visit that post).
        } // id matches the pattern.
    } // id is posted.

    I could use other options than the post’s id to add/update the views, but I’m wondering whether that way is safe or whether I should use admin-ajax.php.

    The posts are custom posts from the database, not WordPress posts.

    • This topic was modified 6 years, 7 months ago by mdev1.
  • The biggest benefit when using admin-ajax.php is that WordPress is loaded so you’re able to use WordPress functionality for things like getting posts and verifying nonces. Other than that I don’t think there’s a difference.

    Other than that, there’s not much of a difference between what you’re doing and what WordPress does, though I can’t think of a reason why you would want to do it your way vs. WordPress’s way.

    Dion

    (@diondesigns)

    There’s a pretty big difference between admin-ajax.php and a custom AJAX handler: server performance. admin-ajax.php loads all of WordPress as well as all plugins and all of your theme’s core files. Hooked functions are executed, even if they are not needed. It’s essentially loading another full copy of WordPress.

    Many users wonder why certain themes and plugins cause their site to be slow. Use of admin-ajax.php is one of the reasons for this. (Use of the REST API is quickly supplanting admin-ajax.php in this regard, though.)

    To the OP: casting $id as an integer will effectively sanitize $_POST['id']:

    $id = (int) trim($_POST['id']);
    
  • The topic ‘Is the regular ajax request method safe or I should use admin-ajax.php?’ is closed to new replies.
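
The thread discusses how views.php should treat the posted `id`. As an added example (not code from the thread or from WordPress), this PHP script runs constructed sample values through an unanchored digit pattern, the integer cast suggested in the reply, and a strict check with `filter_var`. The function names and the rule that valid ids are positive integers are assumptions.

```php
<?php
// Added example, not code from the thread: three ways a handler such as
// views.php could treat the posted "id", compared on constructed inputs.

/** Unanchored digit pattern: true when the value contains a digit anywhere. */
function unanchored_match(string $raw): bool
{
    return preg_match('/[0-9]/', $raw) === 1;
}

/** Integer cast as suggested in the reply: always yields an int, never rejects. */
function cast_id(string $raw): int
{
    return (int) trim($raw);
}

/**
 * Strict check (assumption: valid post ids are positive integers).
 * Returns the id, or null when the value is not a clean integer.
 * filter_var() also returns false for non-scalar input such as id[]=1.
 */
function strict_id($raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Constructed sample values standing in for $_POST['id'].
$samples = ['3', ' 3 ', '3abc', 'abc3', '3;x=y', '-1', '0', ''];

foreach ($samples as $raw) {
    printf(
        "%-8s unanchored=%-5s cast=%-3d strict=%s\n",
        var_export($raw, true),
        unanchored_match($raw) ? 'true' : 'false',
        cast_id($raw),
        var_export(strict_id($raw), true)
    );
}
```

In a handler like views.php, the value returned by the strict check is the one to use for both the cookie name and `bindValue()`, and a `null` result should end the request before any query runs.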