Is it safe to update data in the database real time using AJAX? and is it ok to use the server for calculations?

Guys I need some help!
In my app, for the shopping cart, I need to update the quantity values real time. Let’s say someone set the quantity (but does not submit) and then close the browser. After a day or two he re-login and the updated qty should be there. For this im thinking of using $.getJSON to send the qty with the cart id and product id to the server so that the server can update them and send a response. Is this safe? (Im a bit new to JS and my app is on Rails)
The other thing is, Im thinking of contacting the server and do the price calculations from there every time someone update the quantity and change the district. The reason is, in the server I use a special plugin called ‘rails-money’ which adds a special data type named money to handle currency calculations. Sometimes using float can be inaccurate.

Use a Cookie. Your users don’t have to login then and nothing is being saved to your server.

The problem is according to the client’s requirements, the site should have user login and guest user both. :frowning:

Just add the additional information to the cookie for logged in users. How would you remember a user if they haven’t signed in? There would be no way of knowing who they are when they return to the site if they don’t have a static ip or if they are behind a proxy.

Actually sometimes it is easier to use a database because we need to make sure a user can view his cart the next time he login. :slight_smile: For guest users I store the cart ID in a cookie.

AJAX is just the client side request, it’s pretty much the same thing if you performed a GET or POST request through traditional HTML. (there are also other types of requests you can perform)

You should always be sanitizing user input when putting it in a SQL query.

1 Like

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.