Forum Replies Created

Viewing 15 replies - 46 through 60 (of 129 total)
  • Plugin Author yoav.aner

    (@yoavaner)

    Hi worldrtavlr,

    Thanks for reporting this. I’ll try to update Ajaxize with a compatible / non-deprecated function call. Things are a bit busy, so not sure when I’ll have the time unfortunately.

    Cheers
    Yoav

    Plugin Author yoav.aner

    (@yoavaner)

    Thanks for keeping me posted. I’ll try to update the FAQ to reflect this, so others can avoid this.

    Plugin Author yoav.aner

    (@yoavaner)

    Passing parameters to functions is explicitly not supported (see the FAQ).

    If you need to pass parameters to functions, you’re probably better off building it yourself.

    Be careful about passing parameters from the user to any SQL queries though, or you might expose yourself to SQL injection.

    Plugin Author yoav.aner

    (@yoavaner)

    Ajaxize adds a div around the data that your function returns, so any styling issues can be corrected by CSS rules.

    I did notice that your function returns some empty space around the span with the actual data. Perhaps that’s the reason you’re seeing some padding?

    In any case, this is not something that I can help much with. Take a look at the actual page using your browser development tools (inspector on chrome etc), and see which tweaks to either the data that your function returns or to CSS rules would fix this problem.

    Plugin Author yoav.aner

    (@yoavaner)

    Ok, no problem. Just pointing this out.

    You could also consider using a CDN for static resources (which your caching plugin might already support). Most CDNs support both http and https. Just a suggestion, in case it helps in any way.

    In any case, hope you enjoy using Ajaxize and best of luck with the migration to HTTPS.

    Cheers
    Yoav

    Plugin Author yoav.aner

    (@yoavaner)

    Thanks for the info.

    If you already have a certificate installed, I would personally recommend using SSL everywhere across your website. It increases security and gives people confidence with your website, without really affecting performance as much as people might think.

    Just my 2 cents.

    Plugin Author yoav.aner

    (@yoavaner)

    wp_enqueue_script does not specify whether the script is loaded via http or https, it relies on wordpress to load it using the way the site is loaded.

    I would recommend checking your wordpress settings and make sure everything is configured correctly to use https.

    Plugin Author yoav.aner

    (@yoavaner)

    Hi joshuaiz,

    As far as I know this plugin should work seamlessly with HTTP/HTTPS. Perhaps the reason you see the enqueued scripts served via http because of some kind of caching?

    Cheers
    Yoav

    Plugin Author yoav.aner

    (@yoavaner)

    Hi evo252,

    I wish there was an easy solution for this, but I can’t think of anything right now. I’m glad you understand.

    Cheers
    Yoav

    Plugin Author yoav.aner

    (@yoavaner)

    Hi evo252,

    Nice to hear from you again, and thanks for your kind and positive message.

    Unfortunately I don’t think what you’re trying to achieve is very easy with Ajaxize. As you said, it ajaxifies the function and the function is shared across all posts. Ajaxize does not support passing any parameters for a variety of reasons, and I don’t plan to have this feature since it will make things much more complicated. Simplicity is one of my goals, even if it means less functionality.

    So, it looks to me like you’ll need to write some custom javascript / php code to achieve what you want, or use a counter plugin that supports ajax better. I can’t think of a simple solution to this unfortunately.

    Cheers
    Yoav

    Plugin Author yoav.aner

    (@yoavaner)

    Can anyone try with the latest W3 Total Cache version? Also worth trying to make sure either the browser caching is disabled in W3TC, or that at least the “Expires header lifetime:” is set to 3600 seconds.

    Plugin Author yoav.aner

    (@yoavaner)

    Thanks for the detailed report!

    I’ve come across this as well, but it’s tricky to reproduce exactly in order to try to resolve. I’m away on holiday at the moment, so not sure when I’ll have time to address this.

    I’m guessing the caching that W3TC applies makes some browsers cache the page longer than necessary, which invalidates the CSRF value. Why it happens only/mostly on Windows/W3TC is an interesting question.

    I might remove the CSRF protection entirely, but it’s not the ideal solution for security reasons (although this extra ‘security’ is something debatable since most functions exposed by ajaxize are harmless or not applying any changes, and also parameters are limited making it a difficult targets for attacks anyway).

    Alternatively, there might be a more optimal cache settings that avoids this problem, but I haven’t found it. I believe that CSRF tokens expire after 12 or 24 hours. Setting the page to refresh the cache more frequently could resolve this in theory. If you are able to experiment with some cache settings, you might be able to help.

    Otherwise I’ll try to take a closer look, but unfortunately I can’t promise exactly when.

    Plugin Author yoav.aner

    (@yoavaner)

    Closing this for now. Let me know if you have any further questions.

    Forum: Reviews
    In reply to: [Ajaxize] Great plugin!
    Plugin Author yoav.aner

    (@yoavaner)

    Thanks! 🙂

    Plugin Author yoav.aner

    (@yoavaner)

    I think the -1 is a result of the csrf token becoming invalid after 12 or 24 hours or so. It’s not a message that ajaxize returns, but rather something coming back from wordpress. If you make sure you don’t cache for so long, this should resolve this problem.

Viewing 15 replies - 46 through 60 (of 129 total)