Django
Koi Com, 2017-03-26 17:22:05

Where and how to store identifiers for ajax requests?

There is a like button. On click, an asynchronous request is sent to increase the number of likes for a particular post. So where and how to store information that will help to accurately identify the post on the server?
Now I do it like this: I use HTML5 data attributes and store in them a unique hash value for each post. Below is example markup.

<i data-post-id="e48b70766ca57206e45dc4d3cee03d37" class="fa fa-heart cursor-link w3-padding-small   w3-text-gray " id="21"></i>

On the server, a hash is calculated based on a combination of the fields of the object itself (Python/Django):
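import hashlib
from django.db.models.signals import post_init
from django.dispatch import receiver

@receiver(post_init, sender=Post)  # Post is the project's own model
def compute_hash(sender, instance, **kwargs):
    # Join the fields as text and encode once, so str and bytes are never mixed
    md5 = hashlib.md5()
    md5.update((str(instance.id) + instance.text + str(instance.pub_datetime)).encode('utf-8'))
    instance.hash_id = md5.hexdigest()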

In general, purely intuitively, I suspect that storing the value of the id field of each object somewhere in the markup is not particularly good in terms of security. That's why I use a hash. But I think that there are some standards, templates for how to do it all. Maybe Python or Django has mechanisms that will help me. Or maybe in HTML5 there is something suitable? If anyone has anything to offer, please suggest!

2 answer(s)
D3lphi, 2017-03-26
@D3lphi

Keep a clean id, no hashing. What's in it? Well, you hashed this identifier, so what? In your opinion, the user will not be able to "learn" the id of the article from the hash? Then they would have used some key known only to you when hashing (IMHO, there is also no special point in this).
I don't understand what you want to protect yourself from here?

blackbb, 2017-03-27
@blackbb

{%for item in list%}
<a href="#"   class="add-to-like"
                     data-id="{{ item.id }}"
                     {% if item in user.userprofile.liked_sentence.all %}
                     data-in_favorites="true"
                     {% else %}
                     data-in_favorites="false"
                     {% endif %}
                     data-type="sentence"
                  >
                      {% if item in user.userprofile.liked_sentence.all %}
                      <i class="fa fa-star gold" aria-hidden="true"></i>
                      {% else %}
                      <i class="fa fa-star default" aria-hidden="true"></i>
                      {% endif %}
                  </a>
{%endfor%}

id is sufficient.
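
An added example, not part of the thread or either answerer's code: a framework-free sketch of the server side of the like request, showing that the handler's checks protect the action, not the obscurity of the value in the data attribute. `SERVER_KEY`, `POSTS`, `LIKES` and all function names are hypothetical, and the data is constructed.

```python
import hashlib
import hmac

# Constructed sample data; every name here is hypothetical.
SERVER_KEY = b"constructed-demo-key"         # server-side secret, never sent in markup
POSTS = {21: {"text": "hello", "likes": 0}}  # stand-in for the Post table
LIKES = set()                                # (user, post_id) pairs: one like per user


def unkeyed_ref(post_id, text, pub):
    """The question's scheme: MD5 over the post's fields.
    Anyone who can read those fields can recompute it, so it is not a secret."""
    return hashlib.md5((str(post_id) + text + pub).encode("utf-8")).hexdigest()


def keyed_ref(post_id):
    """The keyed variant mentioned in the first answer: HMAC with a server-only key."""
    return hmac.new(SERVER_KEY, str(post_id).encode("utf-8"), hashlib.sha256).hexdigest()


def like(user, raw_id, token=None):
    """Handle one like request; raw_id and token are untrusted client input."""
    if user is None:
        return "login required"
    if not raw_id.isdecimal():              # data-* values arrive as arbitrary strings
        return "bad id"
    post_id = int(raw_id)
    if post_id not in POSTS:
        return "not found"
    if token is not None:                   # optional keyed reference, compared in constant time
        expected = keyed_ref(post_id).encode("utf-8")
        if not hmac.compare_digest(token.encode("utf-8"), expected):
            return "bad token"
    if (user, post_id) in LIKES:            # repeated or replayed requests do not inflate the count
        return "already liked"
    LIKES.add((user, post_id))
    POSTS[post_id]["likes"] += 1
    return "ok"
```

In a Django view the same checks map onto `login_required`, `get_object_or_404` and a unique constraint on the (user, post) pair, with the CSRF token sent along with the AJAX POST.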
