/** * JavaScript AJAX Connector * * The main idea of ajax security - to send via HTTP instance_id of block and * php session identifier. in session array we save ClassName and it's location * so we can create calling class on server side by it's instance_id * srtipt where information is sending located in /core/ajax.php * * TODO sending get variables * sending post variables * if post variables are undefined send info as GET request and POST elsewere * */ function cAJAXConnector(){ /** * XMLHTTP object. It wil be created by fist time call of call method */ this.transport = null; /** * Sends request to the ajax script and returns it's response * always sending SID and instanse ID to point for the destination * class location */ this.call = function (instance_id,get_vars,post_vars){ if (this.transport==null) this.createTransport(); var get_vars_str = ''; if (typeof(get_vars)!='undefined'){ for(index in get_vars){ get_vars_str = get_vars_str + '&' + index + '=' + encodeURIComponent(get_vars[index]); } } // var xmlrpc_url = 'http://'+window.location.host+'/core/ajax.php?SID='+this.getSessionID()+'&i_id='+instance_id+get_vars_str; var xmlrpc_url = 'http://'+window.location.host+'/core/ajax.php?i_id='+instance_id+get_vars_str; this.transport.open('POST',xmlrpc_url,false); this.transport.setRequestHeader('Content-type', 'application/x-www-form-urlencoded'); this.transport.send(''); return this.transport.responseText; } /** * Creates XMLHTTP object */ this.createTransport = function(){ var e; try { this.transport = new ActiveXObject('MSXML2.XMLHTTP'); } catch(e){} try { this.transport = new ActiveXObject('Microsoft.XMLHTTP'); } catch(e){} try { this.transport = new XMLHttpRequest(); } catch(e){} } /** * Takes session ID (PHPSESSID) from cookies */ this.getSessionID = function(){ str = new String(document.cookie); //alert(str); f_index = str.indexOf('PHPSESSID')+10; l_index = str.indexOf(';',f_index); ses_id = str.slice(f_index,l_index); return ses_id; } } var AJAXConnector = new cAJAXConnector();