LISTSERV 16.5 - CODE4LIB Archives

It shouldn't be too hard to build this. This library should help, it's modeled after active record:

http://activerecordjs.org/

Juan Madrigal

Web Developer
University of Miami
Richter Library

On May 12, 2011, at 7:12 PM, "Carl Wiedemann" <[log in to unmask]> wrote:

> Hey Ken. I looked at the code for that AJAX Crud thing and I don't recommend
> using it. Their demo doesn't filtering against XSS and likely SQL Injection.
> For example, I was able to insert a <!cript
> type="text/javascript">alert('hey');</script>. Use with caution.
> 
> http://en.wikipedia.org/wiki/SQL_injection
> http://en.wikipedia.org/wiki/Cross-site_scripting
> 
> 
> On Thu, May 12, 2011 at 2:38 PM, Madrigal, Juan A <[log in to unmask]>wrote:
> 
>> I'd be curious.
>> 
>> Thanks,
>> 
>> Juan Madrigal
>> 
>> Web Developer
>> University of Miami
>> Richter Library
>> 
>> On 5/12/11 3:56 PM, "Jason Griffey" <[log in to unmask]> wrote:
>> 
>>> We are actually right in the middle of a massive weeding project here
>>> at UTC, and my Web Tech librarian, Andrea Schurr (whom some of you
>>> probably met at C4L this year) built a really cool system to handle
>>> it. We aren't using ajax (although I argued for it, she talked me out
>>> of it). However, our project necessitates feedback from subject
>>> faculty, so it has the ability to allow for the Chemistry faculty, for
>>> example, to review the discard list, mark items to keep, and that list
>>> is then further reviewed by Library liaisons to make sure the faculty
>>> aren't just telling us to keep everything. :-)
>>> 
>>> It's all pre-populated with our bib data. She's on vacation this week,
>>> but the plan is to open-source the setup asap. If anyone is
>>> interested, drop me a line and I'll make sure and let you know when we
>>> get it up.
>>> 
>>> Jason
>>> 
>>> 
>>> On Thu, May 12, 2011 at 1:44 PM, Ken Irwin <[log in to unmask]> wrote:
>>>> AJAX for slickness and ease of use. We could do form html, but I'd
>>>> prefer something that's updated in real time.
>>>> 
>>>> As for the scanner -- my plan was to pre-populate the database from our
>>>> OPAC, so we won't need to scan each book individually.)
>>>> 
>>>> Ken
>>>> 
>>>> -----Original Message-----
>>>> From: Code for Libraries [mailto:[log in to unmask]] On Behalf Of
>>>> Dave Caroline
>>>> Sent: Thursday, May 12, 2011 11:39 AM
>>>> To: [log in to unmask]
>>>> Subject: Re: [CODE4LIB] ajaxy CRUD / weeding helper
>>>> 
>>>> Why ajax! just a plain html form
>>>> and add a barcode scanner, to pick that books data from the db
>>>> 
>>>> Scan shelf, scan contents, you now have updated list of contents and
>>>> books gone awol
>>>> 
>>>> jump to updating page
>>>> scan book, update, rinse repeat
>>>> 
>>>> 
>>>> 
>>>> Dave Caroline
>>>> 
>>