Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Too much security kills functionality.

more options

Hi there, let me explain my problem.

We need to offer an book to people buying for donation to congress. ( Order form is here: http://christian-heritage.eserbia.org/order )

So, we have page for selecting persons or institution for donation. Buying goes via PayPal. After patron pay books using PayPal we must know whom to donate payed books.

We have tried following: 1. Patron should select person in the page ( http://christian-heritage.eserbia.org/order ) 2. After this he should click on PayPal button "Pay Now" and this click brings user to PayPal. ... and how to record patron's choice in the form ( http://christian-heritage.eserbia.org/order ) ? After one submit form to PayPal, all data about users selections in the form are lost.

Solution was : On click on the button "Pay Now", before submit, collect patron's selections (using JS) and using AJAX post data to php script for saving to database. After this, submit only books quantity to PayPal for buying. And this works in all popular browsers except Firefox (tested in Chrome, IE, Opera and all works fine.)

More details with codes (code is simplified):


$('#beforesend').on('click', function(){

  var data = 'quantity=' + books_qty;
   $('#result li').each(function(ind){

data = data +"&dat[][users choices from form]" });

     ....
      $.ajax({

url: "app/ordering.php", //Record user choices to database. type: 'POST', data: data, dataType: 'text' }).done(function(dat) { console.log(dat); }).fail(function(jqXHR, textStatus) { console.log("Firefox paranoia..."); return false; });

      $('#buy').submit();       // Without this line AJAX works... but  we can't send post to PayPal.
      return true;

}



I can't see security risk if this AJAX post goes to the same domain as script domain.

As I said, this script worked in all tested browsers except Firefox.


Sorry for my not so best English. :(

Best regards.

Hi there, let me explain my problem. We need to offer an book to people buying for donation to congress. ( Order form is here: http://christian-heritage.eserbia.org/order ) So, we have page for selecting persons or institution for donation. Buying goes via PayPal. After patron pay books using PayPal we must know whom to donate payed books. We have tried following: 1. Patron should select person in the page ( http://christian-heritage.eserbia.org/order ) 2. After this he should click on PayPal button "Pay Now" and this click brings user to PayPal. ... and how to record patron's choice in the form ( http://christian-heritage.eserbia.org/order ) ? After one submit form to PayPal, all data about users selections in the form are lost. Solution was : On click on the button "Pay Now", before submit, collect patron's selections (using JS) and using AJAX post data to php script for saving to database. After this, submit only books quantity to PayPal for buying. And this works in all popular browsers except Firefox (tested in Chrome, IE, Opera and all works fine.) More details with codes (code is simplified): ---------------------------------------------------------------------------------------------------------------- $('#beforesend').on('click', function(){ var data = 'quantity=' + books_qty; $('#result li').each(function(ind){ data = data +"&dat[][users choices from form]" }); .... $.ajax({ url: "app/ordering.php", //Record user choices to database. type: 'POST', data: data, dataType: 'text' }).done(function(dat) { console.log(dat); }).fail(function(jqXHR, textStatus) { console.log("Firefox paranoia..."); return false; }); $('#buy').submit(); // Without this line AJAX works... but we can't send post to PayPal. return true; } ------------------------------------------------------------------------------------------------------------------------- I can't see security risk if this AJAX post goes to the same domain as script domain. As I said, this script worked in all tested browsers except Firefox. Sorry for my not so best English. :( Best regards.
Screen ƒe photowo kpe ɖe eŋu

Ŋuɖoɖo si wotia

Hi jscher2000 thanx for your help.

This info was very useful: "The problem is that Firefox is terminating the AJAX request the instant it is told to leave the page"

Put "$('#ppbutton').click() in the ".done" function." was not worked because script never step into .done, from unknown reason always gone into .fail.

Finally, according to your info, I edited async: true, to async: false, in order to block script to make any further step before finishing ajax, and now all works fine. :)

Thank you very much for help!

Xle ŋuɖoɖo sia le goya me 👍 0

All Replies (4)

more options

The problem is that Firefox is terminating the AJAX request the instant it is told to leave the page. You can see if you edit id="ppbutton" to id="notppbutton" that the request will complete and show ok in the console. So you should consider not "clicking" the button with your script until you get the response. In other words, try it with the $('#ppbutton').click() in the ".done" function.

more options

Also, please disregard the order for [email protected]!

more options

Ɖɔɖɔɖo si wotia

Hi jscher2000 thanx for your help.

This info was very useful: "The problem is that Firefox is terminating the AJAX request the instant it is told to leave the page"

Put "$('#ppbutton').click() in the ".done" function." was not worked because script never step into .done, from unknown reason always gone into .fail.

Finally, according to your info, I edited async: true, to async: false, in order to block script to make any further step before finishing ajax, and now all works fine. :)

Thank you very much for help!

more options

Glad to hear you found an immediate solution.

There is some risk that the async=false will go away. Currently it is "deprecated" so I really don't know how long it will be available. https://developer.mozilla.org/docs/Web/API/XMLHttpRequest#Parameters

It could be that jQuery will work around that kind of future change in Firefox, I don't know, I don't use jQuery.