Global variables in javascript


#1

Hi I have this js file example app.js, in my app.js code I have this

var ticketId= 12345; //this is global because I put on top all of my code in app.js

the ticketId will have value when the user Login the page .

then I have to use that to pull some record in database by using ajax, and also I use that in some of my functions ...My question for this if Another user will set down to other computer then login with her credentials and after that it will generate ticketId does my ticketId will be overwrittern by her ticketId?..but we have different sessions.although the app.js is centralize. does still it will overwrite ?

Thank you in advance.


#2

It seems to me that if the variable is being defined with a hard coded value assigned to it
var ticketId= 12345;
then it will have that value initially regardless.

I not clear why you would want to assign the variable an initial value, seems like a simple decaration should do, but in any case, the question is what does the code overwriting the value look like? If it is assigning a unique session hash I don't think there should be any problems if an earlier visitor takes longer than a concurrent or subsequent visitor does to get back to the server.

Of course, the reliability will greatly depend on a visitor not messing with the JavaScipt, so you will need server-side code in place to enforce honesty.


#3

during the page load the ticketId will be assigned by this '12345',


#4

so meaning it will not overwrite ? for example I have this code

var ticketId = $('#hiddenid').val();//12345;

//here I will do ajax request

$.ajax({
   type:'get',
  data:...
  success:;function(data){
     ticketId = data.id;//5678;

 }

});

Now my new ticetId value is 5678;
but the other User also will do ajax request because we have same file being accesse. if he gets 11225, does my ticketId will be now 1125 also ?..I apologize having difficulty to exaplaing this hope you get me.


#5

So the "hidden id" value is coming from an AJAX return?

If so, it will depend on the server-side code.

If this is to be used for anything where it is even slightly important that the value maintains integrity, you should have an accompanying hash token. In fact, you could probably be better of having only a hash token.

For example
- server sets a unique value when the page is loaded / XHR completes successfully
- visitor does stuff, hopefully not messing with the values
- data goes to the server where it is checked against the value that was initially sent to the page.


#6

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.