Joomla Ajax Interface

3,428 views
Skip to first unread message

Matt Thomas

unread,
May 22, 2013, 10:14:48 AM5/22/13
to Joomla! General Development
Hello everyone,

As a follow-up to the Getting a Module AJAX Response thread, I have put together a proof of concept of an extensible Joomla Ajax interface. The concept is quite simple in that it is a component that fires a plugin group on demand, as well as acts as a single entry point for Ajax functionality.


Please keep in mind that none of this is intended to be spectacular, but functional and to convey the concept. All three of the extensions have been tested in Joomla 1.5 (1.5-develop branch) and Joomla 2.5 (develop), which should also work in 3.x.

If anything, I hope that we can use this as a jumping off point for getting Ajax support in core.

Best,

Matt Thomas
Founder betweenbrain
Phone: 203.632.9322
Twitter: @betweenbrain

Nick Savov

unread,
May 22, 2013, 10:16:42 AM5/22/13
to joomla-de...@googlegroups.com
Great job, Matt!! :)

Cheers,
Nick


>
> Hello everyone,
>
> As a follow-up to the Getting a Module AJAX
> Response<https://groups.google.com/d/msg/joomla-dev-general/9lGEsozYgnA/nEqdVP2GIe4J>
> thread,
> I have put together a proof of concept of an extensible Joomla Ajax
> interface. The concept is quite simple in that it is a component that
> fires
> a plugin group on demand, as well as acts as a single entry point for Ajax
> functionality.
>
> The main component is available at https://github.com/betweenbrain/Joomla
> -Ajax-Interface and a sample plugin is available at https://github.com/
> betweenbrain/Ajax-Session-Plugin and module at https://github.com/
> betweenbrain/Ajax-Session-Module.
>
> Please keep in mind that none of this is intended to be spectacular, but
> functional and to convey the concept. All three of the extensions have
> been tested in Joomla 1.5 (1.5-develop branch) and Joomla 2.5 (develop),
> which should also work in 3.x.
>
> If anything, I hope that we can use this as a jumping off point for
> getting
> Ajax support in core.
>
> Best,
>
> Matt Thomas
> Founder betweenbrain <http://betweenbrain.com/>�
> Lead Developer Construct Template Development
> Framework<http://construct-framework.com/>
> Phone: 203.632.9322
> Twitter: @betweenbrain
> Github: https://github.com/betweenbrain
>
> --
> You received this message because you are subscribed to the Google Groups
> "Joomla! General Development" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to joomla-dev-gene...@googlegroups.com.
> To post to this group, send an email to
> joomla-de...@googlegroups.com.
> Visit this group at
> http://groups.google.com/group/joomla-dev-general?hl=en-GB.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>

Matt Thomas

unread,
May 22, 2013, 10:59:30 AM5/22/13
to Joomla! General Development
Thanks Nick!

Best,

Matt Thomas
Founder betweenbrain
Phone: 203.632.9322
Twitter: @betweenbrain

Amy Stephen

unread,
May 22, 2013, 6:31:29 PM5/22/13
to joomla-de...@googlegroups.com
Matt - that's brilliant.

Couple of questions -- what is item and item params -- is that related to the "to do" comment? https://github.com/betweenbrain/Joomla-Ajax-Interface/blob/develop/site/ajax.php#L29

In a sense, I think I'd leave it stark like that - and then let the plugin negotiate what it needs, much like you have it with your session example.

(In general, it's better to use parameters on a Url than to rely on session data between requests, but, that's sort of a side comment in your example plugin.)

Back to the heart of the matter!

I think a component like that in the front and even in the backend (RocketTheme has a little Ajax going on in their Admin Templates) would do a lot of good, not only in making it unnecessary to use those other methods we were discussing, but also because Ajax is a pain right now - and you just made it simple.

Thanks for this work, Matt.

Amy Stephen

unread,
May 22, 2013, 6:33:13 PM5/22/13
to joomla-de...@googlegroups.com
On Wed, May 22, 2013 at 5:31 PM, Amy Stephen <amyst...@gmail.com> wrote:

I think a component like that IN CORE in the front and even in the backend (RocketTheme has a little Ajax going on in their Admin Templates) would do a lot of good, not only in making it unnecessary to use those other methods we were discussing, but also because Ajax is a pain right now - and you just made it simple.

Might also see - maybe this is something that Nic can slip into RAD?

Matt Thomas

unread,
May 22, 2013, 7:18:38 PM5/22/13
to Joomla! General Development
Thanks Amy!

Yes, item and item params are directly related to the TODO, and do absolutely nothing at the moment. They are sort of placeholders. But, the more I explore this whole "thing", the more I realize that they need to be removed, and as you state, let the plugin(s) handle the rest.

I can't tell you how much I appreciate your, and everyone else's feedback. I'm thrilled that you find this to make Ajax in Joomla simple. It's really been a pleasure.

PS: Just added two issues to the repo ;-) Thanks!


Best,

Matt Thomas
Founder betweenbrain
Phone: 203.632.9322
Twitter: @betweenbrain


Dmitry Rekun

unread,
May 23, 2013, 9:04:23 AM5/23/13
to joomla-de...@googlegroups.com
Good job.

Dmitry

George Wilson

unread,
May 23, 2013, 5:49:24 PM5/23/13
to joomla-de...@googlegroups.com
Awesome work Matt! :) I'll have a play with this over the weekend and leave feedback/questions (probably lots)/comments.

Kind Regards,
George

Matt Thomas

unread,
May 23, 2013, 9:07:03 PM5/23/13
to Joomla! General Development

Thanks Dmitry and George! And, thanks to Amy, I cleaned up the unnecessary parameters last night and added support for the admin.

Even though it's not much more than an entry point, it has already been helpful for one site and I will be adding a "print_r" format. Fun stuff :-)

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain

Composed and delivered courtesy of Nexus 7.

--

Donald Gilbert

unread,
May 23, 2013, 11:48:37 PM5/23/13
to joomla-de...@googlegroups.com
Instead of print_r should you use debug as the name? That way it's not tied to a single implementation for debugging. One could theoretically put in something like the Oops! Error handler to get better debug info etc. That would be cool. 

Sent from Mailbox for iPhone

Thomas PAPIN

unread,
May 24, 2013, 4:54:58 AM5/24/13
to joomla-de...@googlegroups.com
With this solution, you will need to create a plugin in addition to a module to be able to handle ajax query in a module. am I correct ?

I really think that it will be better to be able to do a ajax with a module only (no plugin). It's quite boring to create a plugin in addition to a module for that.

Don't you think we can do something like :
File : /ajax.php or /components/com_ajaxmodule/ajaxmodule.php

....
$module = getCmd('module');
//security check on module
....

if (file_exists(JPATH_ROOT.'/modules/$module/ajax.php)) {
    ob_start();
    include(JPATH_ROOT.'/modules/$module/ajax.php);
    $content = ob_end_clean();
}

...



2013/5/24 Matt Thomas <ma...@betweenbrain.com>

Matt Thomas

unread,
May 24, 2013, 5:57:36 AM5/24/13
to Joomla! General Development

That's a great idea Don. "Debug" it is, with an eye for more detailed information. I'm not familiar with Oops!, nor do I get a clear result from Google. Mind posting a link? Thanks!

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain

Composed and delivered courtesy of Nexus 7.

Matt Thomas

unread,
May 24, 2013, 6:28:45 AM5/24/13
to Joomla! General Development

Thomas,

Yes, you would need to create a plugin, to add the specific Ajax functionality that you require, as well as the module for interacting with it. 

It would be great to eliminate needing to code a separate plugin, and your idea of having the component call a file in the module is very interesting. I like it! How would that work if someone needed Ajax in something other than a module? Maybe this needs to support different modes so that the whatever is making the Ajax request can tell the component where to look (i.e. a plugin or module)?

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Githubhttps://github.com/betweenbrain

Composed and delivered courtesy of Nexus 7.

George Wilson

unread,
May 24, 2013, 6:34:44 AM5/24/13
to joomla-de...@googlegroups.com
RE: the AJAX file in a module - if the plugins will be called out the box from your component and components have a JSON view anyhow then modules are the main content type which don't have a native method now surely? Would make sense to check for it which would therefore mean people don't have to install packages just for a single module/plugin!

Kind Regards,
George

--
You received this message because you are subscribed to a topic in the Google Groups "Joomla! General Development" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/joomla-dev-general/i1syYWshGsY/unsubscribe?hl=en-GB.
To unsubscribe from this group and all of its topics, send an email to joomla-dev-gene...@googlegroups.com.

Thomas PAPIN

unread,
May 24, 2013, 7:35:28 AM5/24/13
to joomla-de...@googlegroups.com
Yes maybe something like :
index.php?option=com_dispatcher&type=YYYYY&name=XXXXX (with type equals "modules or plugins" and name the name of the plugin or module)
or
index.php?option=com_dispatcher&name=mod_XXX | plug_XXXX

or without a component

index.php?option=mod_XXXXX
index.php?option=plg_XXXX

check for "dispatcher.php" file (I don't like so much ajax.php) in the module directory or plugin directory.


2013/5/24 Matt Thomas <ma...@betweenbrain.com>

Donald Gilbert

unread,
May 24, 2013, 9:03:32 AM5/24/13
to joomla-de...@googlegroups.com
Yeah sorry about that. You can't find it because it's not called Oops, it's called Whoops! https://github.com/filp/whoops

Sent from Mailbox for iPhone


Matt Thomas

unread,
May 24, 2013, 9:34:41 AM5/24/13
to Joomla! General Development
On Fri, May 24, 2013 at 7:35 AM, Thomas PAPIN <thomas...@gmail.com> wrote:
Yes maybe something like :
index.php?option=com_dispatcher&type=YYYYY&name=XXXXX (with type equals "modules or plugins" and name the name of the plugin or module)
or
index.php?option=com_dispatcher&name=mod_XXX | plug_XXXX

Currently the "Joomla Ajax Interface" component is registered as com_ajax. Therefore, i think we would need to do something like:

index.php?option=com_ajax&name=mod_XXX | plug_XXXX

That could fire the appropriate plugin or module "dispatcher" file, and those files could check the URL for anything else they need.

But, is it possible to call a single plugin, not a group, from a component?

 

or without a component

index.php?option=mod_XXXXX
index.php?option=plg_XXXX

How would you do that without a component? I think that takes us back to needing a plugin to check for those option and routing the request before Joomla throws a 404.

 

Matt Thomas

unread,
May 24, 2013, 9:34:58 AM5/24/13
to Joomla! General Development
Thanks Don! I'll take a look.

Best,

Matt Thomas
Founder betweenbrain
Phone: 203.632.9322
Twitter: @betweenbrain


Thomas PAPIN

unread,
May 24, 2013, 9:59:59 AM5/24/13
to joomla-de...@googlegroups.com
==> But, is it possible to call a single plugin, not a group, from a component?

Here it's not really a call (like we do with a trigger), it's just include a dispatcher.php in the plugin directory if the file is present.
In other words, it's not calling a function onAjaxXXXX but just include a file.

==> How would you do that without a component? I think that takes us back to needing a plugin to check for those option and routing the request before Joomla throws a 404.

Two "solutions"
 => system plugin with a onAfterRoute or onAfterInitialise)

or change includes/application.php

public function dispatch($component = null)
.....
$option = JRequest::getCmd('option');
$optionType = getOptionType($option);

switch($optionType) {
case 'module':
         if (file_exits(....) dispatcher.php
case 'component':
       $contents = JComponentHelper::renderComponent($component);



2013/5/24 Matt Thomas <ma...@betweenbrain.com>

--

Matt Thomas

unread,
May 28, 2013, 10:17:03 AM5/28/13
to Joomla! General Development

Hi Thomas,

That's a very interesting idea. Stepping back for a moment, if we were able to add the necessary functionality for Ajax to modules, in this case your dispatcher file, would we even need plugins at all? That is, it seems like the only things using Ajax would be modules or components.

With that being the case, I'd argue that, instead of including a separate file, that the Ajax interface call a method within the modules helper class. For example:

index.php?option=com_ajax&module=finder

Which would then be used in the Ajax interface as:

$module = JRequest::getVar('module');
$helper = JRequest::getVar('helper', 'helper');

require_once . '/modules/mod_' . $module . '/' . $helper . '.php';
$results = modFinderHelper::getAjax($params);

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Githubhttps://github.com/betweenbrain

Composed and delivered courtesy of Nexus 7.

Thomas PAPIN

unread,
May 28, 2013, 10:52:24 AM5/28/13
to joomla-de...@googlegroups.com
For me, it's still possible to have plugin with Ajax.
Example: a "field plugin" for a K2,FlexiContent,Zoo,Seblod whatever. This field plugin display a calendar of room availability that needs ajax request to get data.


2013/5/28 Matt Thomas <ma...@betweenbrain.com>

Matt Thomas

unread,
May 28, 2013, 8:57:20 PM5/28/13
to Joomla! General Development

Thanks Thomas, that's a great example.

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain

Composed and delivered courtesy of Nexus 7.

Matt Thomas

unread,
May 30, 2013, 9:38:48 AM5/30/13
to Joomla! General Development
For anyone who is interested, I've added support for accessing a module's helper file via Ajax, while maintaining support for plugins. You can see the recent changes at https://github.com/betweenbrain/Joomla-Ajax-Interface/tree/develop.

My next task will be to consider accessing components directly via Ajax. Any thoughts on that?

Thanks!

Best,

Matt Thomas
Founder betweenbrain
Phone: 203.632.9322
Twitter: @betweenbrain


Amy Stephen

unread,
May 30, 2013, 10:48:11 AM5/30/13
to joomla-de...@googlegroups.com
/me smacks herself for being so dumb.

How about tokens, normal logged on checking, time out, etc., and ACL?

Think you better add security tokens to guard against CSRF attacks and also to know who is logged on. (Are they logged on? Have they timed out? Who are they?)

Then, tap into your ACL before taking a step beyond that first component.

So, how do you do that? I would retrace the login process in Joomla and identify those key processes. Bear in mind, that is a ridiculous path to follow, jumps through the layers of application, into plugins and helpers, back into core, firing events as it goes, but see if you can find your way through it. If I get some time today, I'll try to do the same.

Something basic and fail free.

Matt Thomas

unread,
May 30, 2013, 1:33:06 PM5/30/13
to Joomla! General Development
Hi Amy,

Thanks again for your insight and guidance. It's always appreciated!

Specifically, implementing these measures would be related to actions that require a user to log in, correct? That is, if someone is using Ajax to populate a public questionnaire, we wouldn't necessarily need these countermeasures, other than maybe setting a session for timing out?

This is definitely something important to look at. Thanks again.


Best,

Matt Thomas
Founder betweenbrain
Phone: 203.632.9322
Twitter: @betweenbrain


Amy Stephen

unread,
May 30, 2013, 1:42:51 PM5/30/13
to joomla-de...@googlegroups.com
I put some feelings out on Twitter. Let's see if some experts share ideas.

Amy Stephen

unread,
May 30, 2013, 1:43:04 PM5/30/13
to joomla-de...@googlegroups.com
FEELERS

Matt Thomas

unread,
May 30, 2013, 1:49:49 PM5/30/13
to Joomla! General Development
Feelings are good to. Thanks!

Best,

Matt Thomas
Founder betweenbrain
Phone: 203.632.9322
Twitter: @betweenbrain


Emerson da Rocha Luiz

unread,
May 30, 2013, 2:27:32 PM5/30/13
to joomla-de...@googlegroups.com
About CSRF tokens

By default, if developer is not very sure about what is doing, it should try to force use Token. But must be optimal for scalability. And this should keep in mind that even a logged user could use ajax data without token if what he needs is a public information.

When CSRF tokens should disabled

  • Content is accessible for guests, even some ACL make it disabled for some registered user
  • If content will not change for same user on next request in a time different than a pre-defined cache time. (If will change, is a good idea add some additional parameter for invalidate cache by who is calling Ajax)
  • If different users, logged or guests, for same URL should obtain same results for a pre-defined cache time.
If a ajax call could be used without tokens and for reason is using tokens, and the response do not really need "private", we are wasting CPU, memory and time. For webservices this can lead to more work than just load and entire HTML page. This could waste 100 to 10.000 more resources, so it make a huge diference.

About unique URL and cache 
Hosts are different and to be really sure about ajax call, is better by default, if you are using token, also add any additional param that will make URL unique every time, like based on browser datetime. This also solve some very ugly bugs with browser caching. With this, is more easy to use setup Varnish or any other cache system, in special if you do not have root access.

Att.
Emerson

Marca da Alligo Emerson Rocha Luiz
Sócio-fundador, Web Engineer
+55 51 9881-9146  |  http://www.alligo.com.br

Matt Thomas

unread,
May 30, 2013, 2:42:42 PM5/30/13
to Joomla! General Development
Thanks Emerson. Those are great points to keep in mind. I appreciate it!

Best,

Matt Thomas
Founder betweenbrain
Phone: 203.632.9322
Twitter: @betweenbrain


Júlio Pontes (Joomila)

unread,
May 30, 2013, 2:51:15 PM5/30/13
to joomla-de...@googlegroups.com
Hi Guys,

 Here and more configurable solution of "com_ajax" from Matt,

If you liked u can use in your project.

Ps.: You have more ways to define how to handle ajax requests.

https://github.com/juliopontes/joomla-ajax-handle
FEELERS




2013/5/28 Matt Thomas <ma...@betweenbrain.com>


2013/5/24 Matt Thomas <ma...@betweenbrain.com>
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.
Visit this group at http://groups.google.com/group/joomla-dev-general?hl=en-GB.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.
Visit this group at http://groups.google.com/group/joomla-dev-general?hl=en-GB.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.
Visit this group at http://groups.google.com/group/joomla-dev-general?hl=en-GB.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.
Visit this group at http://groups.google.com/group/joomla-dev-general?hl=en-GB.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.
Visit this group at http://groups.google.com/group/joomla-dev-general?hl=en-GB.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.
Visit this group at http://groups.google.com/group/joomla-dev-general?hl=en-GB.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.
Visit this group at http://groups.google.com/group/joomla-dev-general?hl=en-GB.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.
Visit this group at http://groups.google.com/group/joomla-dev-general?hl=en-GB.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.
Visit this group at http://groups.google.com/group/joomla-dev-general?hl=en-GB.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
Message has been deleted

Matt Thomas

unread,
May 31, 2013, 6:45:46 AM5/31/13
to Joomla! General Development

Thanks Jurian!

This is excellent insight and I can definitely see where it's needed not to mention a great practice to follow. I'll begin work on implementing these, and some of the other great tips in this thread, as soon as I can. I've started a Wiki on Github, at https://github.com/betweenbrain/Joomla-Ajax-Interface/wiki/Tips-and-tricks, for compiling this information as well.

This also touches on an interesting point, as the idea behind the Ajax Interface is to provide a single entry point and then to step back out of the way to let the other Ajax extensions using it (i.e. a custom Ajax module) do their thing. I don't think these are techniques I can implement in the interface, but is instead great advice for implementers of it. 

What do you think?

For example, I was thinking about the token issue last night, and not sure if that is something the Ajax Interface would, or should, implement, or instead the Ajax extension that's using it. Just think about the case of if I added <?php echo JHtml::_('form.token'); ?> to the Ajax Interface. If the Ajax extension using the interface didn't check for that token, I'd be setting it for no reason. Is that a bad thing? I guess not, but would be a waste of resources as Emerson points out.

In the end, I think much of this points to needing Ajax support in the API or RAD layer.

Thanks to everyone. Keep the great ideas coming!

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Githubhttps://github.com/betweenbrain

Composed and delivered courtesy of Nexus 7.

On May 31, 2013 2:52 AM, "Jurian Even" <info@twentronix.com> wrote:
Indeed you really need to add a random string to the request URL. The best would be the date and not just a random number, since the date is always unique.

Also when you're checking the AJAX request, make sure to check for beginning and end tokens, which you add in the PHP file. It's quite common the request contains warnings or output from other extensions. For example an other plugin that's not working properly or a server that's throwing warnings at raw html output (I encountered them both). By checking for a unique beginning and end token and removing the other data you will solve this issue. Nicholas uses this code, I suggest to use different unique characters:

 // Protect from unauthorized access
defined('_JEXEC') or die();

@ob_end_clean();
echo '###'.json_encode($this->retarray).'###';
jexit();

In the Javascript this is checked and removed. The scanner of Admintools gives an example of this, see also /media/com_admintools/js/scan.js Also the random token that's appended to the URL. I think Nicholas doesn't mind if you use some of that code, but it wouldn't hurt to ask.

And the JavaScript code for a date to prevent caching:
var randomJunk = new Date().getTime();
url += '&randomJunk='+randomJunk;

Sometimes it's needed to do intensive requests in multiple steps to prevent time-outs. For example the Admintools scanner. It would be nice if something like that would be supported by the core AJAX extension. But that's perhaps for later.

Best regards,
Jurian

--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.

Thomas PAPIN

unread,
May 31, 2013, 11:42:57 AM5/31/13
to joomla-de...@googlegroups.com
Julio,

Nice & Small Plugin :) I like that !

Thomas



2013/5/30 Júlio Pontes (Joomila) <julio...@gmail.com>
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
Message has been deleted

Amy Stephen

unread,
May 31, 2013, 3:49:08 PM5/31/13
to joomla-de...@googlegroups.com
Matt -

In a nutshell, want you want to ensure is that *all normal Joomla processing happens.* To me, that's the standard.

Said differently -
Your software does not create tokens, or manage sessions, or verify ACL, or determine if someone has timed out. That code is already there, why duplicate? Why create all that stuff to test, etc.?

The request should travel the same application path in Ajax as it was without Ajax.

In fact, that's the reason you went with the Component, over using a Plugin approach, was to force the request to travel the normal Joomla Application path.

What that means is by the time your request is at the com_ajax entry point, it is executing line 221 of the frontend Application class.

The Application class methods are fired off by the index.php which serves as the Joomla FrontController of sorts.

Initialise has already run.
- So, you have a user object. It can still be used to check ACL.
- You have a session
- You have a token
- (Later, deal with what to do about timeouts - because that will redirect to the login, low priority, but later)

Route has run. But, route ran with your component in context. And that is what it used to authorise the component acccess  - we don't actually know if the user can access anything else.

Dispatch is running. It is 221 of the frontend application class running this:
$contents = JComponentHelper::renderComponent($component);
The Helper is done now -- and all processes awaits your next move in the com_ajax entry point.

You have the full power of the entire Joomla application and you need to make certain what you do next ensures the request is treated the same way it would have been had it not been Ajax.

Modules - if you use the normal Joomla API to render the module, the ACL should be checked.

Plugins - again, if you are using the normal Joomla API, the ACL should be checked with your user object.

-- above assumes those extension types do what normal modules/plugins do and are not attempting to save data, etc., a job for a component --

Components - different kettle of fish. Your request, for example, the input - the urls, whatever you want to call it - have com_ajax in it. So, what kind of access do you want to enable? Generating a view? Or, updating data? Whatever it is - you need to make certain the same ACL steps were run and that the normal controller steps are used and that the request has the right values in it (task, views, etc.)

If you do that then you don't have to worry about tokens. Joomla will. You don't have to worry about ACL, Joomla does, or time outs or authentication or so on.

Back to the goal.

Ensure all normal Joomla processing happens.

Right now, for modules and plugins, I believe your process does that.

Before you step into components, there is some analysis required. It's doable, but you need to think it through.

Júlio Pontes

unread,
May 31, 2013, 4:34:11 PM5/31/13
to joomla-dev-general


Thomas PAPIN

unread,
Jun 1, 2013, 8:47:11 AM6/1/13
to joomla-de...@googlegroups.com
Julio,

What's the goal of "ajax_prefix" in your code ?

You add ACL for the plugin (so for every calls whatever is the module, component, plugins called)
Seems that only "ACL" of the components and the plugin will be used because you are using Joomla API to execute them (as Amy said)
but for the module, as you are loading yourself the module (by calling a function of the helper), you should maybe add some code to check the "module" ACL if any.

Thomas



2013/5/31 Júlio Pontes <julio...@gmail.com>

Amy Stephen

unread,
Jun 1, 2013, 8:49:41 AM6/1/13
to joomla-de...@googlegroups.com
Julio - you are hereby challenged to figure out how to route those components, instead of duplicating the code in a plugin. ;-)

As you do so, I think you'll run into challenges -- but those little "gotcha's" are where we need patches -- so that in the end, only one set of code is needed.

As a community, we need to get into the habit of using core, instead of avoiding it.  That also means it needs to get easier to get patches in. Maybe if we work together, we can get Ajax into core. But, IMO, it needs to follow that path.

Júlio Pontes

unread,
Jun 1, 2013, 10:54:18 AM6/1/13
to joomla-dev-general
Thomas,

Yep, i've put ACL check generally user settings.
We can apply this ACL check for only for modules call.

Amy,

I love challenge, I'll try to find another solution.

I'll explain here my points.

Components entry points example:

$controller = JControllerLegacy::getInstance('Content');
$controller->execute(JFactory::getApplication()->input->get('task'));
$controller->redirect();

The problem of reuse this entry point is the "$controller->redirect()" call.
Controller dont return any response prepared for ajax requests, unless if they have "controller.format".
Default components behaviors are execute task and add system message.
So I've decide use current solution.

Amy Stephen

unread,
Jun 1, 2013, 1:30:28 PM6/1/13
to joomla-de...@googlegroups.com
How about this idea? Change JInput parameters to simulate what the request would have been. Then, do the index.php file steps ($app->route();, then $app->dispatch()), capture the output in the com_ajax entry point and returning it -- that would use the normal Joomla path - so, no worries about tokens, or sessions, or ACL, , yes? And, it would complete the cycle normally.

Now, if that works - for both Display and Updates *minor* changes will be needed along the path. If we can identify those, then, every component would be ajax ready and Matt's approach should work for any component, any module or any plugin -- without duplicating the code.


Matt Thomas

unread,
Jun 1, 2013, 1:45:04 PM6/1/13
to Joomla! General Development

Amy,

As always, you're brilliant and extremely kind to take the time to investigate this and share your knowledge. Thank you!

I am very encourage by your response and see that I have some code to read to fully understand it.

That said, would/should it be the responsibility of com_ajax to enforce ACL, or the plugin or module being accessed by it? That is, depending on the plugin or module being called, keeping in the possibility of many of both potentially being used on one site, the access rules may vary. Of course, it may need to check ACL as module helper classes may not. Or, if it did, it would make coding them easier. Hmmm...

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain

Composed and delivered courtesy of Nexus 7.

Matt Thomas

unread,
Jun 1, 2013, 1:46:30 PM6/1/13
to Joomla! General Development

+1 for not needing to duplicate code :-)

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain

Composed and delivered courtesy of Nexus 7.

Amy Stephen

unread,
Jun 1, 2013, 1:52:06 PM6/1/13
to joomla-de...@googlegroups.com
IMO - it would be up to com_ajax to make certain everything that takes place with the normal HTTP non-ajax round trip - happens with Ajax, too. No more, no less.

It's not com_ajax's job to make certain the modules and plugins have good ACL handling.

It's com_ajax's job to do what Joomla normally does so that those processes run.

For modules and plugins, I believe your process accomplishes that goal.

We have to figure out the best approach for components and I am guessing their will be a few *minor* patches to get it working.

On the plus side, if we can do that, then any component should be Ajax ready. (And com_ajax can work as a dispatcher of sorts for any component, module or plugin.)

That would be pretty cool.

Matt Thomas

unread,
Jun 1, 2013, 2:03:41 PM6/1/13
to Joomla! General Development

Agreed. That would be super cool to make it so that any (existing?) component, module, or plugin could be Ajax ready. I'm definitely game to help make that happen.

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain

Composed and delivered courtesy of Nexus 7.

Amy Stephen

unread,
Jun 1, 2013, 2:06:30 PM6/1/13
to joomla-de...@googlegroups.com
Emerson -

Your comment about sessions is not ignored. I was not familiar with any problems related to sessions for guests, so appreciate you raising the issue. (Am I correct that here is no setting in Joomla to deactivate this right now?)

I did some searching on Google as a result of your comments to see if this was a problem for others and there are indeed a few published hacks out there to deactivate cookies and sessions. (And a long list of people telling the poster thanks). So, thanks for bringing it up.

If we can get through all normal processes (plugin, module, and component) -- that would be a good time to carefully consider potential impact of deactivating sessions/cookies/token for public. I am guessing there will be times that is just fine and as you so correctly stated, along with backing research (always nice), it can slow down the whole site unnecessarily. Of course, there are times we just can't do that. (Pretty much what you said in your note.)

I had started to respond to you but I got side-tracked. Just wanted to say "Hold that thought for now" but please don't let us forget. Good point and thanks.

Matt Thomas

unread,
Jun 1, 2013, 2:18:52 PM6/1/13
to Joomla! General Development

Thanks Amy, you're right. I did the same, got sidetracked, and didn't acknowledge Emerson's post. It got me thinking too, and did influence a real-world implementation that I'm working on right now. I agree that it needs more attention.

Also, thanks to Julio. I still have yet to look at his revised code, and will do so soon. But first, I really need to go paint the baby's room :-) 

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain

Composed and delivered courtesy of Nexus 7.

Júlio Pontes

unread,
Jun 2, 2013, 10:53:20 PM6/2/13
to joomla-dev-general
Amy,

I've updated for handle components using $app->dispatch(); its wokring, thanks.

test using code bellow:

jQuery.ajax({
    url: 'index.php',

    data: 'component=com_ajax&option=com_content&task=article.vote&user_rating=1&id=1&view=article&url=index.php'
});

Ps.: you need to send form token

git updated.

Amy Stephen

unread,
Jun 3, 2013, 12:15:26 AM6/3/13
to joomla-de...@googlegroups.com
Yes! Thank you! Will take a closer look tomorrow but that should make people much more receptive to this approach being used in core. That's "future proof." If changes are made to the component, those changes will be used by this approach. Good job.

Maybe you can work with Matt and get that component code into his package? Let you and Matt figure that out.

I know there are a couple of other things:

- Need a couple of view overrides - one for JSON, one for XML, that can automatically process any model data and properly escape, etc., the output. We'll have to figure out the best way to override the view.

- Need to walk through the controllers and deal with the redirects (no redirect for Ajax).

- The question of sessions from Emerson.

What else creates problems for Ajax usage in Joomla? 




On Sun, Jun 2, 2013 at 9:53 PM, Júlio Pontes <julio...@gmail.com> wrote:

 

Message has been deleted

Matt Thomas

unread,
Jun 3, 2013, 10:26:25 AM6/3/13
to Joomla! General Development
@Julio - That's beautiful code, I'll need to spend some time studying it. You've got something very nice there with being able to add Ajax to existing components.

@All - My personal preference is to, in fact, do something like this as a plugin and not as a component. It seems as though Julio has addressed all of the concerns with not doing it as a component. With that being said, is there any reason to pursue a component-based implementation? Achieving this with a plugin would be a win for me.



Best,

Matt Thomas
Founder betweenbrain
Phone: 203.632.9322
Twitter: @betweenbrain


Júlio Pontes

unread,
Jun 3, 2013, 11:38:03 AM6/3/13
to joomla-dev-general
@Amy,

I think we can use $app->dispatch() on component because comonents already use "option", so this way its impossible to call something like my plugin does.
E.g.: index.php?component=com_ajax&option=com_content ....
For that I think we have another solution like render component.

About reload problem. for plugin its not a problem, for components will be little bit hard to catch "system messages" after reload.


- Need a couple of view overrides - one for JSON, one for XML, that can automatically process any model data and properly escape, etc., the output. We'll have to figure out the best way to override the view.
Please give me a example, what you mean?


- Need to walk through the controllers and deal with the redirects (no redirect for Ajax).
We can send a parameter "jredirect=false" and they dont redirect.
Anyway if need to change Controller code I vote for add dispatch plugin on "execute" method, that will add more possibilities. (I vote for do this)








chivitli

unread,
Aug 10, 2013, 3:58:23 PM8/10/13
to joomla-de...@googlegroups.com
Hi,

Is anyone still interested in working on this? I'd like to contribute, but as few people already started, it'd be great if we could organize ourselves so this could be ready for 3.2 (if at all possible).

Júlio Pontes

unread,
Aug 10, 2013, 4:13:20 PM8/10/13
to joomla-dev-general
Chiv. if you can take a look at my proposal, and test. if are good I can submit for 3.2.

https://github.com/juliopontes/joomla-ajax-handle


Visit this group at http://groups.google.com/group/joomla-dev-general.

Matt Thomas

unread,
Aug 10, 2013, 4:18:17 PM8/10/13
to joomla-de...@googlegroups.com

Hello,

Yes, absolutely. I do have all of the files available on Github, would definitely appreciate any pull requests, and am using it in production without issue.

At one point, it was mentioned that the RAD layer (which I think will be in 3.2) may also fulfill this need. I will contact the RAD team to see if that may be the case and report back.

One thing to note is that this solution works as far back as Joomla 1.5 if you need it.

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain

Sent from mobile. Please excuse any typos and brevity.

Visit this group at http://groups.google.com/group/joomla-dev-general.

Marko Đedović

unread,
Aug 10, 2013, 4:21:44 PM8/10/13
to joomla-de...@googlegroups.com
Hi Julio,

I'll check/test the code you wrote and report the results here!

Thanks,
Marko

Marko Đedović

unread,
Aug 10, 2013, 4:29:28 PM8/10/13
to joomla-de...@googlegroups.com
Matt,

Are you using your solution in the production or the one Julio proposed?

Matt Thomas

unread,
Aug 10, 2013, 7:14:17 PM8/10/13
to joomla-de...@googlegroups.com

Marko,

I'm using mine in production. But, I've tested Julio's as well and it works great. If this can be achieved with a plugin, instead of a component, I think that would be wonderful.

I implemented mine as a component, as that seems like the expected way to do this in Joomla. But, I also enjoy seeing unexpected solutions.

Thanks for the interest!

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain

Sent from mobile. Please excuse any typos and brevity.

Fedir

unread,
Aug 11, 2013, 6:03:20 AM8/11/13
to joomla-de...@googlegroups.com
 If this can be achieved with a plugin, instead of a component, I think that would be wonderful.
Not really :)
Such thing I use in own projects as "fast solution" , but it is "tricky" solution ;)
And if make it as part of the joomla  then it need to be as component.

Reason is a simple: Joomla will call plugin for each request, and the component will call only when it realy need (only when request to this component).
So using the component we will avoid unnecessary work for the system. Also the component we can extend by plugins if it will be need.

Неділя, 11 серпня 2013 р. 02:14:17 UTC+3 користувач betweenbrain написав:
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.

--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

Marko Đedović

unread,
Aug 11, 2013, 12:45:14 PM8/11/13
to joomla-de...@googlegroups.com
I tried the code Julio wrote, and had no problems so far. But, I think 'Request mode' needs to be removed as an option. There should be one standard way how to use Ajax, otherwise if we leave it as an option, some extensions that use it won't be compatible. Imagine extension A) uses fake component call, and extension B) uses custom variable. They can't work both. Not to mention that the site owner could decide to try 'what does this option do' and break something. I don't think it's something which should be configurable. I guess the same should be done for Token Suffix/Prefix.
Line 74: "$ajax_checktoken = $this->params->get('ajax_checktoken');" does nothing, probably some leftover after refactoring?

I need to check the code more, but I'd like to test the solution Matt proposed as well. Any news from the RAD team, Matt?

Fedir, as far as I know, Joomla doesn't call all plugins with every request, e.g. plugins from the 'editor' group are not executed when you are opening a page without editing capabilities?
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.

Marko Đedović

unread,
Aug 11, 2013, 1:12:16 PM8/11/13
to joomla-de...@googlegroups.com
Quick findings for Matt's extension: Works fine as well on the frontend, but needs cleaning up. As this feature cannot go to 2.5, JInput should be used instead of JRequest.

If you try to access it directly from the backend using the component menu item, it results with a blank page with 'undefined variable' notice (simple to fix). Even without notice, it results with blank page due to $app->close();. If this solution will be accepted, there has to be some backend for the component, even an empty page saying "Component which supports ajax functionality". Having a blank page accessed via menu item in the backend will most likely result in site owners calling for help as something "is broken". Unless there is an option to remove the link from the menu?

Beat

unread,
Aug 11, 2013, 1:25:27 PM8/11/13
to joomla-de...@googlegroups.com
Actually, for Joomla 3.2 administrator area, you should submit pull requests for improvements to the JUX workgroup:

https://github.com/joomla-projects/joomla-cms/tree/jux

As we have already made quite some improvements, and it will be easier to merge.

And also want to join JUX now  and become active in its forums too:
http://ux.joomla.org/

Best Regards,
Beat
http://www.joomlapolis.com/

George Wilson

unread,
Aug 11, 2013, 1:37:44 PM8/11/13
to joomla-de...@googlegroups.com
Actually JRequest should be used for Joomla 2.5 as magic quotes are allowed in the 2.5 series which means JInput is unusable. That being said. No new features at all are going to be added to 2.5 from now on from what I understand. Everything now will go into 3.x only (and after this month 4.x). This DOES mean JInput should be used.

Kind Regards,
George


--
You received this message because you are subscribed to a topic in the Google Groups "Joomla! General Development" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/joomla-dev-general/i1syYWshGsY/unsubscribe.
To unsubscribe from this group and all of its topics, send an email to joomla-dev-gene...@googlegroups.com.

Matt Thomas

unread,
Aug 11, 2013, 2:16:38 PM8/11/13
to joomla-de...@googlegroups.com

Marko,

Thanks for the great feedback. No, word from the RAD team yet, but I haven't had a chance to contact them anywhere other than Nicholas on Twitter.

Regarding the blank page, it is my intention to add a post install script to remove the back-end menu item.  I originally developed this for 1.5, and then ported that for 2.5+, so that addition is needed.

If possible, I'd like to maintain compatability with all versions, at least for the time being. For submission for 3.2, I'll probably create another branch for 2.5 compatability, and make the JInput changes in the current develop/master branches.

Thanks again!

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain

Sent from mobile. Please excuse any typos and brevity.

Fedir

unread,
Aug 11, 2013, 4:32:48 PM8/11/13
to joomla-de...@googlegroups.com
Fedir, as far as I know, Joomla doesn't call all plugins with every request, e.g. plugins from the 'editor' group are not executed when you are opening a page without editing capabilities?
Yes right, but I did not mean "all plugins" ... I mean the system plugins that Júlio use for realisation this idea. 
Joomla will call PlgSystemAjax::onAfterRoute() for each request, that adds unnecessary work for CMS ... 

Неділя, 11 серпня 2013 р. 19:45:14 UTC+3 користувач Marko Đedović написав:
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

Matt Thomas

unread,
Aug 11, 2013, 11:30:02 PM8/11/13
to Joomla! General Development
As a quick update, I have replaced JRequest with JInput and added a post-install script to remove menu entries. This work has been done in the develop branch at https://github.com/betweenbrain/Joomla-Ajax-Interface/tree/develop. Feel free to test and report any issues on Github.

Best,

Matt Thomas
Founder betweenbrain
Phone: 203.632.9322
Twitter: @betweenbrain


To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.

Marko Đedović

unread,
Aug 12, 2013, 3:33:11 AM8/12/13
to joomla-de...@googlegroups.com
Hi Matt,

I sent a pull request with some changes (github newbie alert in case I did something wrong).

I replaced two more JRequests, initialized $results just in case, removed index.html files as they are not needed anymore (http://community.joomla.org/blogs/leadership/1737-the-jed-indexhtml-requirement-dropped.html), and changed exception handling, I am not a fan of print_r usage in that case :)
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
Visit this group at http://groups.google.com/group/joomla-dev-general.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

George Wilson

unread,
Aug 12, 2013, 4:36:53 AM8/12/13
to joomla-de...@googlegroups.com
Joomla! still is keeping index.html files. So I think we probably should stick with them if this is going into Joomla! Core

Kind Regards,
George
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.
Visit this group at http://groups.google.com/group/joomla-dev-general.
For more options, visit https://groups.google.com/groups/opt_out.
 
 
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

Marko Đedović

unread,
Aug 12, 2013, 5:00:01 AM8/12/13
to joomla-de...@googlegroups.com
Thanks for the info George, I updated my pull request
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.
Visit this group at http://groups.google.com/group/joomla-dev-general.
For more options, visit https://groups.google.com/groups/opt_out.
 
 
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.

Marko Đedović

unread,
Aug 13, 2013, 5:21:35 PM8/13/13
to joomla-de...@googlegroups.com
Thinking a bit more, I am not sure the way module helpers are included is safe. You can include any file of any module and call any method. That can't be right. If it's to be implemented, I think only methods prefixed with something specific like 'ajax' should be allowed. This applies to both Julios's and Matt's proposal.There is also one more undefined variable ($params when calling modules) in both proposals, but I have no time for another pull request now.

Matt Thomas

unread,
Aug 13, 2013, 5:49:48 PM8/13/13
to joomla-de...@googlegroups.com

I've been contemplating the idea of enforcing more of a limited scope for what can be called. For example, on only being able to call a plugin that belongs to the Ajax group, with an onAjax event, and only being able to call a module's helper getAjax method. That's easily done.

I'm also convinced that components should not be arbitrarily accessed directly via any Ajax interface. If they are, there also needs to be a strict limitation.

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain

Sent from mobile. Please excuse any typos and brevity.

Marko Đedović

unread,
Aug 14, 2013, 2:12:04 AM8/14/13
to joomla-de...@googlegroups.com
I agree. I don't know if components should be included in this at all, as whoever needs it in a component can make a raw view.

Dmitry Rekun

unread,
Aug 14, 2013, 2:36:29 AM8/14/13
to joomla-de...@googlegroups.com
Do not think that components should be included. Usually they implement own ajax requests flow.

Dmitry
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.
Visit this group at http://groups.google.com/group/joomla-dev-general.
For more options, visit https://groups.google.com/groups/opt_out.
 
 
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.
Visit this group at http://groups.google.com/group/joomla-dev-general.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

Amy Stephen

unread,
Aug 14, 2013, 7:00:00 PM8/14/13
to joomla-de...@googlegroups.com
What if someone wants to use article content in my module and get the next 10 rows using Ajax? Thought opening things up was a goal?

What is the concern (assuming this process continues to follow the normal component workflow, meaning ACL, models, etc.)?

Not a big deal to me but am curious what the concerns might be.


To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.

George Wilson

unread,
Aug 14, 2013, 7:37:36 PM8/14/13
to joomla-de...@googlegroups.com
If someone wants to get stuff from com_content through AJAX then to me there should be an json view to do this. Just because these things aren't used by core doesn't mean to say they shouldn't exist for exactly that reason!

Kind Regards,
George


--
You received this message because you are subscribed to a topic in the Google Groups "Joomla! General Development" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/joomla-dev-general/i1syYWshGsY/unsubscribe.
To unsubscribe from this group and all of its topics, send an email to joomla-dev-gene...@googlegroups.com.

Bakual

unread,
Aug 15, 2013, 1:35:36 AM8/15/13
to joomla-de...@googlegroups.com
The module would need a getAyax method which would fetch those articles. Com_ayax would allow the module to make and respond to the ayax call, which isn't possible today.

Matt Thomas

unread,
Aug 15, 2013, 9:10:11 AM8/15/13
to Joomla! General Development
Hi everyone,

While my wife was in labor yesterday, I made the changes necessary to limit the scope of com_ajax to the getAjax method in the module's helper.php. I've also added some other checks to throw a 404 error if they aren't met. The current 3.x version can be seen at https://github.com/betweenbrain/Joomla-Ajax-Interface. The baby came before I could create a feature tracker item, so I'll get to that soon.

The reason for limiting the scope of com_ajax is summed up very well by Nicholas on Twitter:

BTW, your solution is very problematic from a security perspective. It gives a malicious actor deep insight on the system. - https://twitter.com/joovlaki/status/366808122599276548

Security is an issue that I've been concerned about for some time, and certainly didn't want to expose Joomla to any security issues. With the revised implementation, deep profiling is resolved (and approved by Nicholas https://twitter.com/joovlaki/status/367553835558252544) while still allowing extensibility to interact with other extensions. The way I see it:
  • Component developers can still add a json view to their own component
  • Plugins and modules can be created to interact with components created by other developers to implement ajax with other non-core extensions (i.e. an ajax module accessing another module's models, or non-core component)
  • Plugins can be developed to add ajax to core components
In all cases, plugins and modules can be enabled/disabled to address any profiling issues and allow for control of exposure by site admins.

I hope that this seems like a good solution to address all concerns. To me, it seems like a good common-ground solution while maintaining a relatively easy path for extensibility.


Best,

Matt Thomas
Founder betweenbrain
Phone: 203.632.9322
Twitter: @betweenbrain


On Thu, Aug 15, 2013 at 1:35 AM, Bakual <werbe...@bakual.ch> wrote:
The module would need a getAyax method which would fetch those articles. Com_ayax would allow the module to make and respond to the ayax call, which isn't possible today.

Sergio Manzi

unread,
Aug 15, 2013, 9:45:18 AM8/15/13
to joomla-de...@googlegroups.com
Congratulations, Matt!
Best wishes to you, your wife and your new baby.

Bakual

unread,
Aug 15, 2013, 10:03:34 AM8/15/13
to joomla-de...@googlegroups.com
Offtopic but more important: congratulation to your baby! Enjoy it as much as you can :)

Paul Orwig

unread,
Aug 15, 2013, 11:58:06 AM8/15/13
to joomla-de...@googlegroups.com
Congratulations Matt! I just hope your wife isn't subscribed to this list...

paul


On Thu, Aug 15, 2013 at 8:03 AM, Bakual <werbe...@bakual.ch> wrote:
Offtopic but more important: congratulation to your baby! Enjoy it as much as you can :)

Matt Thomas

unread,
Aug 15, 2013, 12:49:25 PM8/15/13
to joomla-de...@googlegroups.com

Thanks everyone! Sorry if I distracted the thread with that comment.

@Paul - fortunately for me, she doesn't follow the Joomla world beyond what I share with her.

I do hope this revised approach for an extensible Ajax solution works well for everyone.

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain

Sent from mobile. Please excuse any typos and brevity.

Marko Đedović

unread,
Aug 15, 2013, 5:26:45 PM8/15/13
to joomla-de...@googlegroups.com
Congratulations, Matt!

Regarding ajax module, this way it's limited to one ajax method per module helper. What about allowing multiple methods which start with getAjax? And in case there is no additional parameter in the ajax call, to take getAjax() as the default?

George Wilson

unread,
Aug 15, 2013, 8:49:33 PM8/15/13
to joomla-de...@googlegroups.com
This is a good point. In at least one of my modules I'd be looking to getContent and then postContent via AJAX

Kind Regards,
George


On Thursday, August 15, 2013 10:26:45 PM UTC+1, Marko Đedović wrote:
Congratulations, Matt!

Regarding ajax module, this way it's limited to one ajax method per module helper. What about allowing multiple methods which start with getAjax? And in case there is no additional parameter in the ajax call, to take getAjax() as the default?


On Thursday, August 15, 2013 6:49:25 PM UTC+2, betweenbrain wrote:

Thanks everyone! Sorry if I distracted the thread with that comment.

@Paul - fortunately for me, she doesn't follow the Joomla world beyond what I share with her.

I do hope this revised approach for an extensible Ajax solution works well for everyone.

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain

Sent from mobile. Please excuse any typos and brevity.

On Aug 15, 2013 11:58 AM, "Paul Orwig" <paul....@opensourcematters.org> wrote:
Congratulations Matt! I just hope your wife isn't subscribed to this list...

paul
On Thu, Aug 15, 2013 at 8:03 AM, Bakual <werbe...@bakual.ch> wrote:
Offtopic but more important: congratulation to your baby! Enjoy it as much as you can :)

--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

To post to this group, send an email to joomla-de...@googlegroups.com.
Visit this group at http://groups.google.com/group/joomla-dev-general.
For more options, visit https://groups.google.com/groups/opt_out.
--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

Matt Thomas

unread,
Aug 15, 2013, 10:59:52 PM8/15/13
to joomla-de...@googlegroups.com

Would a module ever need to do anything via Ajax other than 'get' or 'set'? That is, since a 'getAjax' or 'setAjax' method could call private functions based on other variables/values passed via the URL, this could keep com_ajax as simple as possible while allowing a sufficient number of logical paths without arbitrarily exposing the entire site.

PS: Thanks Marko!

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain

Sent from mobile. Please excuse any typos and brevity.

To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.

Matt Thomas

unread,
Aug 20, 2013, 12:14:48 PM8/20/13
to Joomla! General Development
I have created a pull request to add this to core at https://github.com/joomla/joomla-cms/pull/1778 and feature tracker item at http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_id=8549&tracker_item_id=31800.


Looking forward to your feedback!

Best,

Matt Thomas
Founder betweenbrain
Phone: 203.632.9322
Twitter: @betweenbrain


Júlio Pontes

unread,
Aug 20, 2013, 12:16:30 PM8/20/13
to joomla-dev-general
Matt, cool :)

Matt Thomas

unread,
Aug 20, 2013, 12:19:24 PM8/20/13
to Joomla! General Development
Thanks Julio!

One thing that I forgot to mention was that I've added support for any method ending in Ajax. For example getAjax(), setAjax(), doSomethingReallyCoolWithAjax()... etc. Off to update some documentation.

Best,

Matt Thomas
Founder betweenbrain
Phone: 203.632.9322
Twitter: @betweenbrain


Fedir

unread,
Aug 21, 2013, 4:32:11 AM8/21/13
to joomla-de...@googlegroups.com
I would suggest change:

if ($input->get('module')){}
if ($input->get('plugin')){}

to:
if ($input->get('module')){}
elseif ($input->get('plugin')){}

because  option=com_ajax&module=my-cool-module&plugin=my-cool-plugin return result for a "plugin" only

other thing,
allow to use a module title, because just "name" not allow to load desided module, if there a couple ...
i.e. index.php?option=com_ajax&module=foo&title=bar
$moduleObject = JModuleHelper::getModule('mod_' . $module, $title);
but best solution it load by ID of course, but I not sure how to make it...

and what about external request? maybe need add "token" ? ... because this looks not safe, it add not full but free access to backend  ;)



Вівторок, 20 серпня 2013 р. 19:19:24 UTC+3 користувач betweenbrain написав:
Matt, cool :)


--
 
  

  


Chris Davenport

unread,
Aug 21, 2013, 8:00:04 AM8/21/13
to joomla-de...@googlegroups.com
Haven't had chance to test, but a couple of comments from a quick look at the code:

1. ajax.php appears to be the same for site and admin.  Why the duplication (more code to maintain)?  Just choose one and include it from the other.
2. When responding with ajax I think you should output a Content-Type: application/json header.  Or perhaps Joomla does that automatically?

Chris.



--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-gene...@googlegroups.com.
To post to this group, send an email to joomla-de...@googlegroups.com.
Visit this group at http://groups.google.com/group/joomla-dev-general.
For more options, visit https://groups.google.com/groups/opt_out.



--
Chris Davenport
Joomla Production Leadership Team

Matt Thomas

unread,
Aug 22, 2013, 8:15:49 AM8/22/13
to Joomla! General Development

@Fedir Thanks for the feedback. You read my mind about the if/else statement. I hadn't been too concerned about that in the past, but was thinking about it last night. Why not even support both and combine the results as different array nodes?

I do see your point about the title, but it's not really needed as this portion of the code just checks if the module is published and doesn't effect the file included.

Regarding tokens, I added a response at https://github.com/joomla/joomla-cms/pull/1778. For those not following the PR:

" I would argue that tokens are something that should be handled by module or plugin. Reason being that there are cases where you do want external sites or persons to consume the Ajax response without authentication. One other thing to keep in mind is that access settings for modules are honored."

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain

Matt Thomas

unread,
Aug 22, 2013, 8:23:54 AM8/22/13
to Joomla! General Development

@Chris Thanks for taking a look

1. I am honestly a bit embarrassed for not doing that to begin with. I need to add an alarm to my keyboard so my wife can slap me when I press Ctrl+v. Thank you.
2. I have tried changing the Content-type header ( https://github.com/betweenbrain/Joomla-Ajax-Interface/commit/828e0f2b5d5167ded7bd30a592e51c60ce1ad275) but it seems to be overwritten and changed back to text/html. I'm open to suggestions on how to resolve that.

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain

Matt Thomas

unread,
Aug 24, 2013, 10:23:28 AM8/24/13
to Joomla! General Development

For anyone not following the tracker item or pull request, a few other people have been generous enough to review the code (thank you all!) and I've also added detailed test instructions and links to the test modules/plugin.

Testing should only take about five minutes.

Thanks for any time that you can spare!

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain

Gavin

unread,
Aug 26, 2013, 4:36:44 PM8/26/13
to joomla-de...@googlegroups.com
Hi Matt,

Looks like a very useful addition to the core - am just starting to look at making an ajax form, so was interesting to come across this.

Anyway, it did indeed take 5 mins to test, and the step-by-steps you described functioned as expected on OSX 10.8/apache/mysql

regards,

Gavin
 

Matt Thomas

unread,
Aug 26, 2013, 4:45:50 PM8/26/13
to Joomla! General Development
Hi Gavin,

Thanks! I'm glad that you find it useful.

Would you mind reporting your test findings at http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_id=8549&tracker_item_id=31800 so that the project can have them in the official tracker item. 

I appreciate the help.

Best,

Matt Thomas
Founder betweenbrain
Phone: 203.632.9322
Twitter: @betweenbrain


--

Chris Davenport

unread,
Sep 1, 2013, 4:42:18 AM9/1/13
to joomla-de...@googlegroups.com
Hi Matt,

My apologies for the delay in getting back to you on this; I've been ridiculously busy these last few weeks.

To answer (2), the problem you have is that there are two different ways of rendering a response and your code is currently mixing the two.  The first is the ultra-lightweight method where you do this:

header('Content-Type: application/json');
echo json_encode($payload);
$app->close();

This totally ignores the JDocumentJson object that Joomla has constructed for you, but it works.

The other way, which I would prefer, is to not close the application prematurely and allow Joomla to render the document object itself, like this:

echo json_encode($payload);

ie. you drop the $app->close();  Yeah, it's that simple!  Joomla has already done the content negotiation and determined that you want a JDocumentJson object from the &format=json argument in the URL.  It is already buffering the output from your component.  So after you echo your output you don't need to do anything else.  Allow control to return back to Joomla and Joomla will take care of rendering the document back to the browser with the correct headers.  This method has the advantage that the module or plugin that you are calling can also modify the document object.  For example, it could add cache control headers or any custom headers.

On the subject of headers, I don't think you should return a 200 OK status code on an error condition.  Try adding something like this:

JResponse::setHeader('Status', '500 Internal server error', true);

This will allow the client to handle the error correctly.  For example, in a jQuery ajax call the 'error' callback can be used instead of having to parse the response in the 'success' callback.

I would actually be tempted to go further and return the error in a "standard" format, such as this one: http://tools.ietf.org/html/draft-nottingham-http-problem-04 as this will allow you to put the explanatory error message into a standard json object and it's all nice and developer-friendly.

Hope that helps.

Chris.

Matt Thomas

unread,
Sep 3, 2013, 12:38:33 PM9/3/13
to Joomla! General Development
Hi Chris,

No need to apologize! I appreciate the feedback, and understand being ridiculously busy.

I really like the idea of your preferred way, but when I use that method, and access the query directly (i.e. ?option=com_ajax&module=session&cmd=add&data=5&format=json), I get prompted with a file download for "joomla.json". That doesn't happen with the ultra-lightweight method. Any thoughts on why the file prompt?

That's a great idea for the status header. In all cases, the basic gist of the error is that request isn't valid. So, it seems like a 404 would be appropriate. Agreed?

What if the error response was something like the following? This may kill both birds with one stone, and allow 

if (!is_null($error)) {
header("HTTP/1.0 404 Not Found");
$message['title'] = 'Ajax request not valid.';
$message['details'] = $error;
switch ($format) {
case 'json':
header('Content-Type: application/api-problem+json');
echo json_encode($message);
$app->close();
case 'debug':
echo '<pre>' . print_r($message, TRUE) . '</pre>';
$app->close();
break;
default:
echo $error;
$app->close();
break;
}
}

This is a big help, thanks!


Best,

Matt Thomas
Founder betweenbrain
Phone: 203.632.9322
Twitter: @betweenbrain


Bakual

unread,
Sep 3, 2013, 7:13:08 PM9/3/13
to joomla-de...@googlegroups.com
I really like the idea of your preferred way, but when I use that method, and access the query directly (i.e. ?option=com_ajax&module=session&cmd=add&data=5&format=json), I get prompted with a file download for "joomla.json". That doesn't happen with the ultra-lightweight method. Any thoughts on why the file prompt?

I always assumed it has to be this way with a file download prompt, but now I'm not sure yet. So far I thought it was caused by the browser who doesn't know what to do with the content when called directly instead rom an AJAX call. But looking at the headers sent, there is a content-disposition header which forces the browser to download the file.
However it works fine when called within an AJAX call. So it's not really an issue. I'm just not sure if it's supposed to be that way.
For reference it's set in libraries\joomla\document\json\json.php around line #61 in the render function:

public function render($cache = false, $params = array())
{
JResponse::allowCache(false);
JResponse::setHeader('Content-disposition', 'attachment; filename="' . $this->getName() . '.json"', true);

parent::render();

return $this->getBuffer();
}

Matt Thomas

unread,
Sep 3, 2013, 9:14:16 PM9/3/13
to Joomla! General Development

To be honest, it feels like a bug to me.

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain

Bakual

unread,
Sep 4, 2013, 7:15:10 AM9/4/13
to joomla-de...@googlegroups.com
I tend to agree but I don't know :)
 
I tried to comment that line out and it will still prompt for a download. The only difference being the filename which changes from joomla.json to index.json.
So I guess it's basically some default behaviour of the browser and with the content-disposition we only change the filename to something a bit more nicer.
 
But maybe someone with more insight can explain here?
I also saw that the installation uses JApplicationWeb which has a sendJsonResponse() function. I understand that JApplicationWeb will be our future :)

Am Mittwoch, 4. September 2013 03:14:16 UTC+2 schrieb betweenbrain:

To be honest, it feels like a bug to me.

Best,

Matt Thomas
Founder betweenbrain™
Lead Developer Construct Template Development Framework
Phone: 203.632.9322
Twitter: @betweenbrain
Github: https://github.com/betweenbrain

On Sep 3, 2013 7:13 PM, "Bakual" <werbe...@bakual.ch> wrote:
I really like the idea of your preferred way, but when I use that method, and access the query directly (i.e. ?option=com_ajax&module=session&cmd=add&data=5&format=json), I get prompted with a file download for "joomla.json". That doesn't happen with the ultra-lightweight method. Any thoughts on why the file prompt?

I always assumed it has to be this way with a file download prompt, but now I'm not sure yet. So far I thought it was caused by the browser who doesn't know what to do with the content when called directly instead rom an AJAX call. But looking at the headers sent, there is a content-disposition header which forces the browser to download the file.
However it works fine when called within an AJAX call. So it's not really an issue. I'm just not sure if it's supposed to be that way.
For reference it's set in libraries\joomla\document\json\json.php around line #61 in the render function:

public function render($cache = false, $params = array())
{
JResponse::allowCache(false);
JResponse::setHeader('Content-disposition', 'attachment; filename="' . $this->getName() . '.json"', true);

parent::render();

return $this->getBuffer();
}

--
You received this message because you are subscribed to the Google Groups "Joomla! General Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to joomla-dev-general+unsub...@googlegroups.com.

Fedir

unread,
Sep 4, 2013, 8:04:06 AM9/4/13
to joomla-de...@googlegroups.com
prompt for download it normal behaviors ... 
why browser should display it?
it not a page ...

Середа, 4 вересня 2013 р. 14:15:10 UTC+3 користувач Bakual написав:
It is loading more messages.
0 new messages