I have a problem here which I have solved with two different solutions. I would like to know:
- Which solution is the most secure?
- Which solution is more efficient, basically which one requires the least bandwith for user?
- Which solution in the long run is easiest to maintain?
- Is there a possibility that any of the solutions might get outdated in the near future? Example if they change how jQuery .hide() works or anything else, whatever.
Here are my solutions:
Solution 1 with jQuery and some php.
jQuery Code:
$(document).ready(function(){
$.get( "hide_forms_until_logged_in.php", function( data ) {
console.log(data.response);
if(data.response == "false") {
$("form").hide();
} else {
$("form").show();
}
}, "json");
});
HTML markup:
<form action="" method="POST" enctype="multipart/form-data">
<input type="file" name="file" /> <br/>
<input type="submit" name="submit" value="Upload"/>
</form>
hide_forms_until_logged_in.php:
include 'session.php';
if (isset($_SESSION['login_user'])) {
echo json_encode(array("response"=>"true"));
} else {
echo json_encode(array("response"=>"false"));
}
Solution 2 with mostly php:
hide_forms_until_logged_in.php:
include 'session.php';
if (isset($_SESSION['login_user'])) {
echo "<form action='' method='POST'
enctype='multipart/form-data'>
<input type='file' name='file' /> <br/>
<input type='submit' name='submit' value='Ladda upp'/>
</form>";
} else {
echo "Logga in for att ladda upp filer";
}
And inside the page:
<?php include "hide_forms_until_logged_in.php" ?>
I know I could have made a function and call it inside the include there, for the sake just put the include there.
The form itself before posting anything to database has a check if the user is logged in or not.