How sophisticated should my Ajax code be ?

Question

I have seen simple example Ajax source codes in many online tutorials. What I want to know is whether using the source code in the examples are perfectly alright or not?

Is there anything more to be added to the code that goes into a real world application?

What all steps are to be taken to make the application more robust and secure?

Here is a sample source code I got from the web:

function getChats() {
    xmlHttp=GetXmlHttpObject();
    if (xmlHttp==null) {
            return;
    } 
    var url="getchat.php?latest="+latest;   
    xmlHttp.onreadystatechange=stateChanged;
    xmlHttp.open("GET",url,true);
    xmlHttp.send(null);
} 

function GetXmlHttpObject() {
    var xmlHttp=null;
    try {
            xmlHttp=new XMLHttpRequest();
    } catch (e) {
            try {
                    xmlHttp=new ActiveXObject("Msxml2.XMLHTTP");
            } catch (e) {
                    xmlHttp=new ActiveXObject("Microsoft.XMLHTTP");
            }
    }
    return xmlHttp;
}

Answer 1

I would use a framework like DOMAssistant which has already done the hard work for you and will be more robust as well as adding extra useful features.

Apart from that, you code looks like it would do the job.

Answer 2

I would honestly recommend using one of the many libraries available for Ajax. I use prototype myself, while others prefer jQuery. I like prototype because it's pretty minimal. The Prototype Ajax tutorial explains it well. It also allows you to handle errors easily.

new Ajax.Request('/some_url',
  {
    method:'get',
    onSuccess: function(transport){
      var response = transport.responseText || "no response text";
      alert("Success! \n\n" + response);
    },
    onFailure: function(){ alert('Something went wrong...') }
  });

Answer 3

The code you posted is missing one important ingredient: the function stateChanged.

If you don't quite understand the code you posted yourself, then what happens is when the call to getchats.php is complete, a function "stateChanged" is called and that function will be responsible for handling the response. Since the script you're calling and the function itself is prefixed with "gets" then I'm pretty sure the response is something you're going to be interested in.

That aside, there are a number of ways to improve on the code you posted. I'd guess it works by declaring a single "xmlHttp" object and then making that available to every function (because if it doesn't, the stateChanged function has no way of getting the response). This is fine until you run an AJAX request before the last one (or last few) haven't replied yet, which in that case the object reference is overwritten to the latest request each time.

Also, any AJAX code worth its salt provides functionality for sucess and failure (server errors, page not found, etc.) cases so that the appriopiate message can be delivered to the user.

If you just want to use AJAX functionality on your website then I'd point you in the direction of jQuery or a similar framework.

BUT if you actually want to understand the technology and what is happening behind the scenes, I'd continue doing what you're doing and asking specific questions as you try to build a small lightweight AJAX class on your own. This is how I done it, and although I use the jQuery framework today.. I'm still glad I know how it works behind the scenes.