patternjavascriptModerate
Efficient (Virtual) Home Security
Viewed 0 times
securityefficientvirtualhome
Problem
Can you help me optimize the speed and security of my homepage?
(Link now dead - 2014/04/10 -
```
var aktiv=0;
var red ;
var enable = [];
var count = 1;
var number = 0;
var Jetzt = 0;
var Start = 0;
var codes = [];
var xmlHttp;
function createXMLHttpRequestObject()
{
if(window.ActiveXObject){
try{
xmlHttp = new ActiveXObject("Microsoft.XMLHTTP");
}
catch(e){
xmlHttp = false;
}
}
else{
try{
xmlHttp = new XMLHttpRequest();
}
catch(e){
xmlHttp = false;
}
}
if(!xmlHttp)
alert("Fehler beim erzeugen des XMLHttpRequest Objekts");
else
return xmlHttp;
}
function process()
{
if(xmlHttp.readyState == 4 || xmlHttp.readyState == 0){
xmlHttp.open("POST","ses.php",true);
xmlHttp.setRequestHeader("Content-Type","application/x-www-form-urlencoded"); // WICHTIG FUER POST !!!
xmlHttp.onreadystatechange = handleServerResponse;
xmlHttp.send(null);
}
else
setTimeout("process()",1000);
}
function setStart()
{
if(xmlHttp.readyState == 4 || xmlHttp.readyState == 0){
var value="zeit="+ Start;
xmlHttp.open("post","set.php",true);
xmlHttp.setRequestHeader("Content-Type","application/x-www-form-urlencoded"); // WICHTIG FUER POST !!!
xmlHttp.send(value);
}
else
setTimeout("setStart()",1000);
}
function getStart()
{
if(xmlHttp.readyState == 4 || xmlHttp.readyState == 0){
xmlHttp.open("post","get.php",true);
xmlHttp.setRequestHeader("Content-Type","application/x-www-form-urlencoded"); // WICHTIG FUER POST !!!
xmlHttp.onreadystatechange = handleServerResponse2;
xmlHttp.send(null);
}
else{
setTimeout("getStart()",1000);
}
}
fu
(Link now dead - 2014/04/10 -
http://www.pixel-klicker.de)```
var aktiv=0;
var red ;
var enable = [];
var count = 1;
var number = 0;
var Jetzt = 0;
var Start = 0;
var codes = [];
var xmlHttp;
function createXMLHttpRequestObject()
{
if(window.ActiveXObject){
try{
xmlHttp = new ActiveXObject("Microsoft.XMLHTTP");
}
catch(e){
xmlHttp = false;
}
}
else{
try{
xmlHttp = new XMLHttpRequest();
}
catch(e){
xmlHttp = false;
}
}
if(!xmlHttp)
alert("Fehler beim erzeugen des XMLHttpRequest Objekts");
else
return xmlHttp;
}
function process()
{
if(xmlHttp.readyState == 4 || xmlHttp.readyState == 0){
xmlHttp.open("POST","ses.php",true);
xmlHttp.setRequestHeader("Content-Type","application/x-www-form-urlencoded"); // WICHTIG FUER POST !!!
xmlHttp.onreadystatechange = handleServerResponse;
xmlHttp.send(null);
}
else
setTimeout("process()",1000);
}
function setStart()
{
if(xmlHttp.readyState == 4 || xmlHttp.readyState == 0){
var value="zeit="+ Start;
xmlHttp.open("post","set.php",true);
xmlHttp.setRequestHeader("Content-Type","application/x-www-form-urlencoded"); // WICHTIG FUER POST !!!
xmlHttp.send(value);
}
else
setTimeout("setStart()",1000);
}
function getStart()
{
if(xmlHttp.readyState == 4 || xmlHttp.readyState == 0){
xmlHttp.open("post","get.php",true);
xmlHttp.setRequestHeader("Content-Type","application/x-www-form-urlencoded"); // WICHTIG FUER POST !!!
xmlHttp.onreadystatechange = handleServerResponse2;
xmlHttp.send(null);
}
else{
setTimeout("getStart()",1000);
}
}
fu
Solution
- Don't mix German and English code. I'd highly suggest you to use only English in your code (and I'm German myself).
- Don't mix different variable naming styles and only use variable names starting with a capital letter for constructor function which must be used with the
newprefix. A good practice is to adopt the convention of the language you use, in case of JS it would be camelCase. This is a good starter for JS code convention: http://javascript.crockford.com/code.html
- When creating the XHR object prefer
XMLHttpRequestand only fallback toActiveXObjectif the native one is not defined. The latter is only necessary in IE6.
- Indent your code properly
- Get rid of the duplicate code in
setStartandgetStart. Write a single function that sends your AJAX request.
- Never pass a string to
setInterval()orsetTimeout(). Doing so is as bad as usingeval()and it results in unreadable and possibly insecure code as soon as you use variables since you need to insert them into the string instead of passing the actual variable. The proper solution issetInterval(function() { / your code ) }, msecs);. The same applies tosetTimeout(). If you just want to call a single function without any arguments, you can also pass the function name directly:setInterval(someFunction, msecs);(note that there are no()behind the function name)
- Consider using a DOM abstraction library. jQuery is nice and common but there are also more lightweight alternatives (not that I'd prefer these). It will save you a lot time and is likely to make your code much nicer.
Context
StackExchange Code Review Q#18037, answer score: 10
Revisions (0)
No revisions yet.