Too much security kills functionality.
Hi there, let me explain my problem.
We need to offer an book to people buying for donation to congress. ( Order form is here: http://christian-heritage.eserbia.org/order )
So, we have page for selecting persons or institution for donation. Buying goes via PayPal. After patron pay books using PayPal we must know whom to donate payed books.
We have tried following: 1. Patron should select person in the page ( http://christian-heritage.eserbia.org/order ) 2. After this he should click on PayPal button "Pay Now" and this click brings user to PayPal. ... and how to record patron's choice in the form ( http://christian-heritage.eserbia.org/order ) ? After one submit form to PayPal, all data about users selections in the form are lost.
Solution was : On click on the button "Pay Now", before submit, collect patron's selections (using JS) and using AJAX post data to php script for saving to database. After this, submit only books quantity to PayPal for buying. And this works in all popular browsers except Firefox (tested in Chrome, IE, Opera and all works fine.)
More details with codes (code is simplified):
$('#beforesend').on('click', function(){
var data = 'quantity=' + books_qty;
$('#result li').each(function(ind){
data = data +"&dat[][users choices from form]" });
....
$.ajax({
url: "app/ordering.php", //Record user choices to database. type: 'POST', data: data, dataType: 'text' }).done(function(dat) { console.log(dat); }).fail(function(jqXHR, textStatus) { console.log("Firefox paranoia..."); return false; });
$('#buy').submit(); // Without this line AJAX works... but we can't send post to PayPal.
return true;
}
I can't see security risk if this AJAX post goes to the same domain as script domain.
As I said, this script worked in all tested browsers except Firefox.
Sorry for my not so best English. :(
Best regards.
被選擇的解決方法
Hi jscher2000 thanx for your help.
This info was very useful: "The problem is that Firefox is terminating the AJAX request the instant it is told to leave the page"
Put "$('#ppbutton').click() in the ".done" function." was not worked because script never step into .done, from unknown reason always gone into .fail.
Finally, according to your info, I edited async: true, to async: false, in order to block script to make any further step before finishing ajax, and now all works fine. :)
Thank you very much for help!
從原來的回覆中察看解決方案 👍 0所有回覆 (4)
The problem is that Firefox is terminating the AJAX request the instant it is told to leave the page. You can see if you edit id="ppbutton" to id="notppbutton" that the request will complete and show ok in the console. So you should consider not "clicking" the button with your script until you get the response. In other words, try it with the $('#ppbutton').click() in the ".done" function.
Also, please disregard the order for jeff@example.com!
選擇的解決方法
Hi jscher2000 thanx for your help.
This info was very useful: "The problem is that Firefox is terminating the AJAX request the instant it is told to leave the page"
Put "$('#ppbutton').click() in the ".done" function." was not worked because script never step into .done, from unknown reason always gone into .fail.
Finally, according to your info, I edited async: true, to async: false, in order to block script to make any further step before finishing ajax, and now all works fine. :)
Thank you very much for help!
Glad to hear you found an immediate solution.
There is some risk that the async=false will go away. Currently it is "deprecated" so I really don't know how long it will be available. https://developer.mozilla.org/docs/Web/API/XMLHttpRequest#Parameters
It could be that jQuery will work around that kind of future change in Firefox, I don't know, I don't use jQuery.