gWorldz / get-simple-cms

Automatically exported from code.google.com/p/get-simple-cms
GNU General Public License v3.0

version check weird logic #321

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
Questions
Why is the version check even done via js?
Why is the api string passed AND parsed in js?
Why is this not in the php template serverside?

Seems wasteful to do this clientside, plus we are inserting the raw api result 
into pages, so there is xss possibility there.

    <script>
        // check to see if core update is needed
        jQuery(document).ready(function() {
            <?php $json = get_api_details();    if ($json != '') { ?>
                var obj = jQuery.parseJSON('<?php echo $json; ?>');
                if(obj.status != 1) {
                    $('a.support').parent('li').append('<span class="warning">!</span>');
                    $('a.support').attr('href', 'health-check.php');
                }
            <?php  } ?>
        });
    </script>

Original issue reported on code.google.com by tablatronics on 11 May 2012 at 7:19

GoogleCodeExporter commented 9 years ago
see issue 320, related to same code.

If there is no valid reason for this to be done in JS I suggest moving it to 
the nav template and done server side. 

Original comment by tablatronics on 11 May 2012 at 7:23

GoogleCodeExporter commented 9 years ago
I don't recall having a good reason to do the check in js... if you think it 
would be better served somewhere else - that's fine... go ahead and change it. 
Thanks

Original comment by ccagle8 on 14 Jun 2012 at 12:50

GoogleCodeExporter commented 9 years ago
fixed r743

Original comment by tablatronics on 18 Jul 2012 at 3:24
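
A server-side form of the check discussed in this thread, as an added example that is not GetSimple's code and not the r743 change: the API response is decoded and reduced to a boolean in PHP, so none of its text is echoed into a script block or into markup. The `get_api_details()` stub, the helper names, the `latest` field, the `support.php` default link and the "Support" label are assumptions made for illustration.

```php
<?php
// Added example; not GetSimple's code. This stub stands in for the real
// get_api_details(), which the snippet above treats as returning a JSON
// string ('' when there is no result).
if (!function_exists('get_api_details')) {
    function get_api_details() {
        // Constructed sample response. The "latest" field is hypothetical and
        // holds characters that would end a single-quoted JS string literal.
        return '{"status":0,"latest":"3.1\'</script><b>x</b>"}';
    }
}

/**
 * Decide server side whether a core update is pending.
 * Only a strict boolean leaves this function; no API text is passed on.
 */
function core_update_needed($json) {
    if (!is_string($json) || $json === '') {
        return false;                    // no API answer: show nothing
    }
    $obj = json_decode($json);
    if (!is_object($obj) || !isset($obj->status) || !is_scalar($obj->status)) {
        return false;                    // malformed or unexpected payload
    }
    return (int) $obj->status !== 1;     // same test as the JS: status != 1
}

/** Render the support nav item (hypothetical helper, label and default href). */
function render_support_nav_item($json) {
    $needsUpdate = core_update_needed($json);
    $href  = $needsUpdate ? 'health-check.php' : 'support.php';
    $badge = $needsUpdate ? '<span class="warning">!</span>' : '';
    return '<li><a class="support" href="'
        . htmlspecialchars($href, ENT_QUOTES, 'UTF-8')
        . '">Support</a>' . $badge . '</li>';
}

echo render_support_nav_item(get_api_details()), "\n";
```

Every string that reaches the page here is a constant chosen by the template; the response only selects between them.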