I've got a couple PHP scripts employed for AJAX queries, however i would like them to have the ability to operate underneath the umbrella of Joomla's authentication system. May be the following safe? What are the unnecessary lines?

joomla-auth.php (situated within the same directory as Joomla's index.php):

<?php

define( '_JEXEC', 1 )

define('JPATH_BASE', dirname(__FILE__))

define( 'DS', DIRECTORY_SEPARATOR )

require_once ( JPATH_BASE .DS.'includes'.DS.'defines.php' )

require_once ( JPATH_BASE .DS.'includes'.DS.'framework.php' )

/* Produce the Application */

$mainframe =&lifier JFactory::getApplication('site')

/* Make certain we're drenched in whatsoever. */

if (JFactory::getUser()->id == )

    die("Access refused: login needed.")

?>

test.php:

<?php

include 'joomla-auth.php'

echo 'Logged in as "' . JFactory::getUser()->username . '"'

/* Then we go to access things just the user

   of this title can access. */

?>

As I aren't seeing anything within the code that's unsafe, it is best to build your AJAX/JSON calls to some standard Joomla component. There is a piece of content regarding how to do that here: http://blog.syncleon.com/2009/05/ajax-ify-your-joomla-website.html I have also discussed JavaScript, Joomla, and asynchronous demands in my opinion http://world wide web.packtpub.com/files/learning-joomla-1-5-extension-development-sample-chapter-8-using-javascript-effects.pdf (skip lower to page 168).

Basically, that which you do is produce a view for that creation of your AJAX call, then produce a view.xml.php (or view.json.php) file rather than a view.html.php. Whenever you add &format=xml towards the finish of the request URL, it'll pull from view.xml.php rather than view.html.php.