Re: ajaxy CRUD / weeding helper

From: Madrigal, Juan A <j.madrigal2_at_nyob>
Date: Fri, 13 May 2011 08:40:20 -0400
To: CODE4LIB_at_LISTSERV.ND.EDU 
It shouldn't be too hard to build this. This library should help, it's modeled after active record:

http://activerecordjs.org/

Juan Madrigal

Web Developer
University of Miami
Richter Library

On May 12, 2011, at 7:12 PM, "Carl Wiedemann" <carl.wiedemann_at_GMAIL.COM> wrote:

> Hey Ken. I looked at the code for that AJAX Crud thing and I don't recommend
> using it. Their demo doesn't filtering against XSS and likely SQL Injection.
> For example, I was able to insert a <script
> type="text/javascript">alert('hey');</script>. Use with caution.
> 
> http://en.wikipedia.org/wiki/SQL_injection
> http://en.wikipedia.org/wiki/Cross-site_scripting
> 
> 
> On Thu, May 12, 2011 at 2:38 PM, Madrigal, Juan A <j.madrigal2_at_miami.edu>wrote:
> 
>> I'd be curious.
>> 
>> Thanks,
>> 
>> Juan Madrigal
>> 
>> Web Developer
>> University of Miami
>> Richter Library
>> 
>> On 5/12/11 3:56 PM, "Jason Griffey" <griffey_at_GMAIL.COM> wrote:
>> 
>>> We are actually right in the middle of a massive weeding project here
>>> at UTC, and my Web Tech librarian, Andrea Schurr (whom some of you
>>> probably met at C4L this year) built a really cool system to handle
>>> it. We aren't using ajax (although I argued for it, she talked me out
>>> of it). However, our project necessitates feedback from subject
>>> faculty, so it has the ability to allow for the Chemistry faculty, for
>>> example, to review the discard list, mark items to keep, and that list
>>> is then further reviewed by Library liaisons to make sure the faculty
>>> aren't just telling us to keep everything. :-)
>>> 
>>> It's all pre-populated with our bib data. She's on vacation this week,
>>> but the plan is to open-source the setup asap. If anyone is
>>> interested, drop me a line and I'll make sure and let you know when we
>>> get it up.
>>> 
>>> Jason
>>> 
>>> 
>>> On Thu, May 12, 2011 at 1:44 PM, Ken Irwin <kirwin_at_wittenberg.edu> wrote:
>>>> AJAX for slickness and ease of use. We could do form html, but I'd
>>>> prefer something that's updated in real time.
>>>> 
>>>> As for the scanner -- my plan was to pre-populate the database from our
>>>> OPAC, so we won't need to scan each book individually.)
>>>> 
>>>> Ken
>>>> 
>>>> -----Original Message-----
>>>> From: Code for Libraries [mailto:CODE4LIB_at_LISTSERV.ND.EDU] On Behalf Of
>>>> Dave Caroline
>>>> Sent: Thursday, May 12, 2011 11:39 AM
>>>> To: CODE4LIB_at_LISTSERV.ND.EDU
>>>> Subject: Re: [CODE4LIB] ajaxy CRUD / weeding helper
>>>> 
>>>> Why ajax! just a plain html form
>>>> and add a barcode scanner, to pick that books data from the db
>>>> 
>>>> Scan shelf, scan contents, you now have updated list of contents and
>>>> books gone awol
>>>> 
>>>> jump to updating page
>>>> scan book, update, rinse repeat
>>>> 
>>>> 
>>>> 
>>>> Dave Caroline
>>>> 
>>
Received on Fri May 13 2011 - 08:40:00 EDT

URL: http://serials.infomotions.com/code4lib/