|
JavaScript - Shoutbox Javascript Security
My shoutbox is constantly getting hacked the JavaScript code is below. I suspect they are exploiting the same origin policy. The hackers are using administrator's usernames and spamming lots of offensive messages into the database. Any help would be much appreciated, thank you.
Code: /***************************/
//@Author: Adrian "yEnS" Mato Gondelle & Ivan Guardado Castro
//@website: www.yensdesign.com
//@email: yensamg@gmail.com
//@license: Feel free to use it, but keep this credits please!
/***************************/
$(document).ready(function(){
//global vars
var inputUser = $("#nick");
var inputMessage = $("#message");
var loading = $("#loading");
var messageList = $(".content > ul");
//functions
function updateShoutbox(){
//just for the fade effect
messageList.hide();
loading.fadeIn();
//send the post to shoutbox.php
$.ajax({
type: "POST", url: "shoutbox.php", data: "action=update",
complete: function(data){
loading.fadeOut();
messageList.html(data.responseText);
messageList.fadeIn(2000);
}
});
}
//check if all fields are filled
function checkForm(){
if(inputUser.attr("value") && inputMessage.attr("value"))
return true;
else
return false;
}
//Load for the first time the shoutbox data
updateShoutbox();
//on submit event
$("#form").submit(function(){
if(checkForm()){
var nick = inputUser.attr("value");
var message = inputMessage.attr("value");
//we deactivate submit button while sending
$("#send").attr({ disabled:true, value:"Sending..." });
$("#send").blur();
//send the post to shoutbox.php
$.ajax({
type: "POST", url: "shoutbox.php", data: "action=insert&nick=" + nick + "&message=" + message,
complete: function(data){
messageList.html(data.responseText);
updateShoutbox();
//reactivate the send button
$("#send").attr({ disabled:false, value:"Shout it!" });
}
});
}
else alert("Please fill all fields!");
//we prevent the refresh of the page after submitting the form
return false;
});
});
Similar TutorialsI'm replacing the shoutbox on my site. Everything works and looks great. Now I'd like to make it auto refresh. Here's the update function. PHP Code: function updateShoutbox(){ //send the post to shoutbox.php $.ajax({ type: "POST", url: "shoutbox.php", data: "action=update", complete: function(data){ loading.remove(); messageList.html(data.responseText); } }); } And here is what I've tried to add to make it auti refresh, but it doesn't work. PHP Code: setTimeout('updateShoutbox()', 4000); I know very little about js, so any help is appreciated. I have a webpage in which my users complete a form in order to get through to page 2. I cannot use PHP to check as it must be on-the-fly checking. My idea was like the following: PHP Code: <script type="text/javascript"> function check(x) { if (x == 1) { document.write('<IMG SRC="img/'+x+'.jpg">'); } if (x == 2) { document.write('<IMG SRC="img/'+x+'.jpg">'); } if (x == 3) { document.write('<IMG SRC="img/'+x+'.jpg">'); } if (x == 4) { document.write('<IMG SRC="img/'+x+'.jpg">'); } } </script> And for the images to actually be PHP files that check further details of the user and insert details to DB. Then when the user clicks the next button it will check to see if all 4 users have loaded under that users details. However, I would much prefer it if I could use more PHP as I'm a Javascript n00b. Preferably I would like to use PHP to create unique keys for the images so that once I have obfuscated the javascript code the user will not figure out how to cheat the system even if they manage to reverse engineer the code. Is it possible to use PHP within javascript? E.g. PHP Code: <?php $pic = "picture.jpg"; ?> <script> function something(){ document.write('<IMG SRC="img/$pic">'); } </script> Or is this not at all possible? Edit: I know how much simpler that first script could have been, was just trying to simplify from my double as messy full script which will probably confuse you even more!!! I'm working on an html form that will be launched from within another application, but every time it launches the form none of the JS coding works because of the stupid IE security. If I launch the form from outside the application I just have to select "allow blocked content" from that stupid information bar that says "to help protect your security IE has restricted the webpage from running scripts...." I added the application site to our trusted sites and basically turned off security for that zone but it still doesn't work. Obviously there is a way to run JS without allowing the content, but I don't do enough coding to know how that is done. Can someone help me out please? I need the JS to run automatically without that information bar appearing at all. Ok, just wanted to throw this out there to see if it is worth regexing a text field for user input. Since JS is client side and the script I am using is not accessing the server for anything, do I need to regex the input text field of my script? Is there any way a cracker can use this for evil? Hi, I am currently having a problem with my code. It is pointing at a logical error somewhere as neither the error console in FireFox nor Firebug can detect any errors. The problem is getting the alert box to pop up when the user types in invalid letters or numbers for their respective functions. I guess it could be the Unicode coding for Internet Explorer or Mozilla, or maybe the validation is not getting called from the option list....Anyway here's my code so far: <script type="text/javascript"> /* <![CDATA[ */ function validateAlphabetic(keyPressEvent) { if (navigator.appName == "Microsoft Internet Explorer") var enteredKey = keyPressEvent.keyCode; else if (navigator.appName == "Netscape") var enteredKey = keyPressEvent.charCode; var enteredChar = String.fromCharCode(enteredKey); var retValue = true; try { if (!/\D/.test(enteredChar) && !/\W/.test(enteredChar)) throw "You did not enter an alphabetic value."; } catch(inputError) { window.alert("You can only enter letters into this field."); retValue = false; } finally { return retValue; } } function validateNumeric(keyPressEvent) { if (navigator.appName == "Microsoft Internet Explorer") var enteredKey = keyPressEvent.keyCode; else if (navigator.appName == "Netscape") var enteredKey = keyPressEvent.charCode; var enteredChar = String.fromCharCode(enteredKey); var retValue = true; try { if (!/\d/.test(enteredChar) && !/\W/.test(enteredChar)) throw "You did not enter a numeric value."; } catch(inputError) { window.alert("You can only enter numbers into this field."); retValue = false; } finally { return retValue; } } /* ]]> */ </script> </head> <body> <h1>Challenge Questions</h1> <form action="" enctype="application/x-www-form-urlencoded"> <select> <option value="maiden" onkeypress="return validateAlphabetic(event)">What is your mother's maiden name</option> <option value="pet" onkeypress="return validateAlphabetic(event)">What is the name of your favorite pet?</option> <option value="city" onkeypress="return validateAlphabetic(event)">What city were your born in?</option> <option value="security" onkeypress="return validateNumeric(event)">What is your social security number?</option> <option value="siblings" onkeypress="return validateNumeric(event)">How many siblings do you have?</option> </select><br /> <input type="text" size="25" /> </form> </body> Reply With Quote I have written a little bit of javascript which displays a popup div. The essence of the idea is simple, and works like this: In the javascript: Code: function popup(markup)
{
var div = document.createElement("div");
div.innerHTML = markup;
document.body.appendChild(div);
}
And in the PHP: PHP Code: $markup = "<h3>Help</h3><p>You clicked on help, so here it is.</p>"; echo '<a href="javascript:popup('.htmlentities($markup, ENT_QUOTES).');">help</a>'; Of course, there's a whole load more code (e.g. I have a mechanism for displaying the pop-up near the mouse and for allowing the user to close the pop-up, etc, etc, etc), but that is irrelevant to my question. Note also that $markup can contain anything I want - e.g. it could contain a form. Note also that the server populates $markup with predictable content - it is NOT populated by the user. Are there any security risks inherent in the code as I have posted it? (i.e. barring the fact that $markup could be used for code injection, but I have accounted for that and mitigated against it). a simple NO YOU CAN'T or a BUY A TEXTBOOK & READ IT will probably answer my query.. what i want to do is to analyse a load of share bulletin boards, from a webpage on my home pc. i'd hoped to do it by putting the bb page in an iframe and parsing the iframe's innerHTML. but this is barred by javascript. i'm a bit cheesed off having found that out only after doing the hard work of writing the parsing-code.. (i had pasted a sample bulletin board source code into the iframe, so it was all local..) but i read something about JSON.. which might outflank the security. i'd like to know: can i get an example of how this might be done? how much of a learning curve is JSON. can i fix it up on this machine? thanks for any help.. FireFox is throwing a DOM security error. And i don't really know why. i've used toDataURL() before, and it's never done this. Hopefully i can get this little app fixed, so that i can use it on my TabletPC for taking notes in class. The line of code that is throwing this error is: Code: var Note = document.getElementById("SketchPage").toDataURL();
here's the full error from the Error Console: Error: uncaught exception: [Exception... "Security error" code: "1000" nsresult: "0x805303e8 (NS_ERROR_DOM_SECURITY_ERR)" location: "file:///C:/SketchBook-Dev/SketchBook.js Line: 236"] here is the JS file: Code: var PenSize = "3";
var PenShape = "Circle";
var PenColor = "Black";
var LoadFile = "";
var UIstatus = "visible";
var CurrentNote = 0;
var BGcolor = "#C7C1A3";
var DataPath = "\Data\\";
var ImageExtension = ".img";
var FileList = [];
var SystemPath;
var UIstatus = "visible";
var Server = "localhost";
var NxtNote = new Image();
document.onkeyup = ToggleUI;
function Init()
{
// Get the System Path
GetSystemPath("SketchBook.html");
// Load All Filenames of the DataPath directory into an array
GetFileList(SystemPath + DataPath, FileList);
//Load the first Note onto the canvas
// if there are no notes in the directory, don't try to load anything
if(FileList.length > 0)
{
var Source = LoadFromDisk(FileList[CurrentNote]);
NxtNote.src = Source;
// Load the image data onto the canvas
var canvas = document.getElementById('SketchPage').getContext('2d');
canvas.drawImage(NxtNote , 0, 0);
}
}
function HideOptions()
{
document.getElementById("Options").style.visibility = "hidden";
}
function ToggleUI(e)
{
var KeyID = (window.event) ? event.keyCode : e.keyCode;
var KeyValue = 18;
// Use a key to hide the toolbars so that most of the screen is used for the UI
if(KeyID == KeyValue)
{
if(UIstatus == "visible")
{
UIstatus = "hidden";
document.getElementById("UI").style.visibility = "hidden";
return;
}
if(UIstatus == "hidden")
{
UIstatus = "visible";
document.getElementById("UI").style.visibility = "visible";
}
}
}
function ShowOptions()
{
document.getElementById("Options").style.visibility = "visible";
}
function UpdatePenSize()
{
PenSize = document.getElementById('GetPenSize').value;
}
function UpdatePenShape()
{
PenShape = document.getElementById('GetPenShape').value;
}
function UpdatePenColor()
{
PenColor = document.getElementById('GetPenColor').value;
}
function Draw(element, event)
{
document.addEventListener("mousemove", PenHandler, true);
document.addEventListener("mouseup", upHandler, true);
event.stopPropagation();
event.preventDefault();
function PenHandler(event)
{
var x = event.clientX;
var y = event.clientY;
// mouse event goes here
var canvas = document.getElementById("SketchPage");
var ctx = canvas.getContext("2d");
if (PenShape ="Circle")
{
// This draws a circle
ctx.fillStyle = PenColor;
ctx.beginPath();
ctx.arc(x, y, PenSize, 0, Math.PI*2, true);
ctx.closePath();
ctx.fill();
}
event.stopPropagation();
}
function upHandler(event)
{
document.removeEventListener("mouseup", upHandler, true);
document.removeEventListener("mousemove", PenHandler, true);
event.stopPropagation();
}
}
function SaveNote()
{
// Get the current file name
var FileName = SystemPath + DataPath + CurrentNote + ImageExtension;
// Convert the Canvas Data into a Base64 encoded PNG image
var Note = document.getElementById("SketchPage").toDataURL();
// Write the PNG file to the disk
SaveToDisk(FileName, Note);
}
function NextNote(Direction)
{
if(Direction == "up")
{
// Display the previoius note
CurrentNote--;
// Make sure you don't incrimnet to a non-existant note
if(CurrentNote <= 0)
{
CurrentNote = FileList.length;
}
var Source = LoadFromDisk(FileList[CurrentNote]);
NxtNote.src = Source;
// Load the image data onto the canvas
// Clear the Pre-existing Canvas Data First
ClearSketch();
var canvas = document.getElementById('SketchPage').getContext('2d');
canvas.drawImage(NxtNote, 0, 0);
return;
}
if(Direction == "down")
{
//Display the Next note
CurrentNote++;
// Make sure you don't incrimnet to a non-existant note
if(CurrentNote > FileList.length)
{
CurrentNote = 0;
}
var Source = LoadFromDisk(FileList[CurrentNote]);
NxtNote.src = Source;
// Load the image data onto the canvas
// Clear the Pre-existing Canvas Data First
ClearSketch();
var canvas = document.getElementById('SketchPage').getContext('2d');
canvas.drawImage(NxtNote, 0, 0);
return;
}
}
function DeleteNote()
{
// Delete The current note
DeleteFile(SystemPath + DataPath + FileList[CurrentNote]);
// Reload the Directory List
// Clear the FileList Array
FileList = [];
GetFileList(SystemPath + DataPath, FileList);
// Load The Previous Note
// Display the previoius note
CurrentNote--;
// Make sure you don't incrimnet to a non-existant note
if(CurrentNote <= 0)
{
CurrentNote = FileList.length;
}
var Source = LoadFromDisk(FileList[CurrentNote]);
NxtNote.src = Source;
// Load the image data onto the canvas
var canvas = document.getElementById("SketchPage");
var context = canvas.getContext("2d");
canvas.drawImage(NxtNote, 0, 0);
return;
}
function AddNote()
{
// Add a note to the notebook and at the end of the File List
// **** Later this function should be modified to be an INSERT function rather than just an add
// Just incase the user needs to go back an edit and add more things to their notebook
CurrentNote++;
// Add the new Note File name to the end of the FileList Array
FileList.push(CurrentNote + ImageExtension);
// Clear the Canvas
ClearSketch();
// Write a blank image file to the Data directory so that we have the actual file there
var FileName = SystemPath + DataPath + CurrentNote + ImageExtension;
var Note = document.getElementById("SketchPage").toDataURL();
}
function ClearSketch()
{
// Clear the contents of the Canvas
//Draw a rectangle that covers the canvas
var canvas = document.getElementById("SketchPage");
var ctx = canvas.getContext("2d");
ctx.fillStyle = BGcolor;
ctx.fillRect (0, 0, canvas.width, canvas.height);
}
function Crypt(method)
{
// This function will Encrypt or Decrypt All the NoteData
if(method == "encrypt")
{
return;
}
if(method == "decrypt")
{
return;
}
}
function Archive(method)
{
// This function will Restore or Backup all NoteData to a network resource
if(method == "restore")
{
return;
}
if(method == "backup")
{
return;
}
}
// ******************** These are the XPCOM Functions ************************
function GetSystemPath(ApplicationName)
{
// This function should Detect the system directory of the app
// and return that string as the SystemPath variable
// You must supply the filename of the HTML file that it is being called from
// I suppose later i could add the code to detect the HTML's actual file name
// It's on the ToDo List...
var GetSysPath = self.location;
GetSysPath = GetSysPath + "";
Get = GetSysPath.replace("file:///" , "");
Get = Get.replace(/\//g , "\\");
Get = Get.replace(ApplicationName, "");
SystemPath = Get;
return SystemPath;
}
function DeleteFile(FileName)
{
// Delete a local file
netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
var aFile = Components.classes["@mozilla.org/file/local;1"].createInstance();
if (aFile instanceof Components.interfaces.nsILocalFile)
{
aFile.initWithPath(FileName);
aFile.remove(false);
}
}
function GetFileList(Directory, FileList)
{
netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
var _nsILocalFile = Components.classes["@mozilla.org/file/local;1"]
.createInstance(Components.interfaces.nsILocalFile);
// initialize path to work with
_nsILocalFile.initWithPath(Directory);
// get file interface implemenation
// this means that an XPCOM Class can implement multiple interface
var lv_oFile = _nsILocalFile.QueryInterface(Components.interfaces.nsIFile);
var lv_oEntries = lv_oFile.directoryEntries;
while(lv_oEntries.hasMoreElements())
{
var lv_cFile = lv_oEntries.getNext()
.QueryInterface(Components.interfaces.nsIFile).path;
FileList.push(lv_cFile);
}
}
function SaveToDisk(filepath, content) {
try {
netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
} catch (e) {
alert("Permission to save file was denied.");
}
var file = Components.classes["@mozilla.org/file/local;1"]
.createInstance(Components.interfaces.nsILocalFile);
file.initWithPath( filepath );
if ( file.exists() == false ) {
file.create( Components.interfaces.nsIFile.NORMAL_FILE_TYPE, 420 );
}
var outputStream = Components.classes["@mozilla.org/network/file-output-stream;1"]
.createInstance( Components.interfaces.nsIFileOutputStream );
outputStream.init( file, 0x04 | 0x08 | 0x20, 420, 0 );
var output = content;
var result = outputStream.write( output, output.length );
outputStream.close();
}
function LoadFromDisk(filePath)
{
if(window.Components)
try
{
netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
var file = Components.classes["@mozilla.org/file/local;1"].createInstance(Components.interfaces.nsILocalFile);
file.initWithPath(filePath);
if (!file.exists())
return(null);
var inputStream = Components.classes["@mozilla.org/network/file-input-stream;1"].createInstance(Components.interfaces.nsIFileInputStream);
inputStream.init(file, 0x01, 00004, null);
var sInputStream = Components.classes["@mozilla.org/scriptableinputstream;1"].createInstance(Components.interfaces.nsIScriptableInputStream);
sInputStream.init(inputStream);
return(sInputStream.read(sInputStream.available()));
}
catch(e)
{
//alert("Exception while attempting to load\n\n" + e);
return(false);
}
return(null);
}
and the HTML UI code: Code: <html><head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
<title>Sketch Book v1.0</title>
<script src="SketchBook.js" type="text/javascript"></script>
<script src="JSxpcom.js" language="text/javascript"></script>
</head>
<body onLoad="Init();">
<div id="SketchPageView">
<canvas id="SketchPage" width="480" height="640" style="background: #C7C1A3; position: absolute; top: 0px; left: 0px;" onmousedown="Draw(this, event);"></canvas>
</div>
<div id="Options" style="position: absolute; visibility: hidden; top: 100px; left: 50px;">
<table cellwidth="100" border="0" cellpadding="0" cellspacing="0" height="50">
<tbody><tr><td><img src="./Image/TL-black.PNG" height="19" width="19"></td><td bgcolor="#bce0f8"><center><b>Options</b></center><img src="./Image/delete.png" style="position:absolute; top: 2px; left: 150px; height: 18; width: 18;" onClick="HideOptions();"></td><td><img src="./Image/TR-black.PNG" height="19" width="19"></td></tr>
<tr><td bgcolor="#bce0f8"></td>
<td bgcolor="#bce0f8">
<div style="border: 1px solid black;">
<table>
<tbody><tr>
<td><center>Pen Size</center></td><td><center>Color</center></td>
</tr>
<tr>
<td>
<select id="GetPenSize" onchange="UpdatePenSize();">
<option value="1">1 px</option>
<option value="2">2 px</option>
<option value="3">3 px</option>
<option value="4">4 px</option>
<option value="5">5 px</option>
</select>
</td>
<td>
<select id="GetPenColor" onchange="UpdatePenColor();">
<option value="Black">Black</option>
<option value="White">White</option>
<option value="Red">Red</option>
<option value="Blue">Blue</option>
<option value="Green">Green</option>
<option value="Brown">Brown</option>
</select>
</td>
</tr>
<tr>
<td><input value="Restore" onclick="RestoreData();" type="button"></td><td><input value="Backup" onclick="BackupData();" type="button"></td>
</tr>
<tr>
<td><input value="Encrypt" onclick="EncryptData();" type="button"></td><td><input value="DeCrypt" onclick="DecryptData();" type="button"></td>
</tr>
</tbody></table>
</div>
</td>
<td bgcolor="#bce0f8"></td></tr>
<tr><td><img src="./Image/BL-black.PNG" height="19" width="19"></td> <td bgcolor="#bce0f8"></td><td align="right"><img src="./Image/BR-black.PNG" height="19" width="19"></td></tr>
</tbody></table>
</div>
<table id="UI" style="position: absolute; top: 0px; left: 412px; visibility: visible;" border="0" cellpadding="0" cellspacing="0" width="40">
<tbody><tr><td><img src="./Image/TL-black.PNG" height="19" width="19"></td><td bgcolor="#bce0f8"></td><td><img src="./Image/TR-black.PNG" height="19" width="19"></td></tr>
<tr><td bgcolor="#bce0f8"></td>
<td bgcolor="#bce0f8" height="600">
<img src="./Image/up.png" style="width: 30px; height: 30px;" alt="up" onclick="NextNote('up');"><br><br><br><br>
<img src="./Image/plus.png" style="width: 30px; height: 30px;" alt="add" onclick="AddNote();"><br><br><br><br>
<img src="./Image/save.png" style="width: 30px; height: 30px;" alt="save" onclick="SaveNote();"><br><br><br><br>
<img src="./Image/clear.png" style="width: 30px; height: 30px;" alt="clear" onclick="ClearSketch();"><br><br><br><br>
<img src="./Image/delete.png" style="width: 30px; height: 30px;" alt="delete" onclick="DeleteNote();"><br><br><br><br>
<img src="./Image/gear.png" style="width: 30px; height: 30px;" alt="options" onclick="ShowOptions();"><br><br>
<img src="./Image/down.png" style="width: 30px; height: 30px;" alt="down" onclick="NextNote('down');">
</td>
<td bgcolor="#bce0f8"></td> </tr>
<tr><td><img src="./Image/BL-black.PNG" height="19" width="19"></td> <td bgcolor="#bce0f8"></td> <td align="right"><img src="./Image/BR-black.PNG" height="19" width="19"></td></tr>
</tbody></table>
</body></html>
Hello, recently I have been to many government websites where I have noticed that the programmer has used window.open() method in JavaScript to link to different pages instead of using <a> tags! I was just getting curious to know whether it is normal or has it been used due to security concerns(if any, I don't know)? Any comments? Hello! I am trying to find a script that allows you to open multiple browser tabs and then close each of those tabs, either one by one or all at once. Does anyone know how to do this please? Thanks so much for your help. I want to have another go at Javascript. I have several books on the subject but I find that my eyesight is a major problem. Therefore I want to try an on-line solution, preferably free. I have Googled, but there are so many that I am almost dizzy with the choices. Perhaps someone could recommend one. Not too fussy visually. My knowledge is VERY basic. Frank Does anyone know how to make URL links that use Javascript still work when users have Javascript disabled on their browser? The only reason I'm using JS on a URL is because my link opens a PDF file, and I'm forcing it not to cache so users have the latest version. I tried the <script><noscript> tags, but I'm not sure if I'm using it correctly, as my URL completely disappears. Below is my HTML/Javascript code: <p class="download"> <script type="text/javascript">document.write("<span style=\"text-decoration: underline;\"><a href=\"javascript:void(0);\" onclick=\"window.open( 'http://www.webchild.com.au/mediakit/Direct_Media_Kit_Web.pdf?nocache='+ Math.floor( Math.random()*11 ) );\" >The Child Magazines Media Kit</a></span> (PDF 1 MB) ");</script> <noscript><span style="text-decoration: underline;"><a href="http://www.webchild.com.au/mediakit/Direct_Media_Kit_Web.pdf" >The Child Magazines Media Kit</a></span> (PDF 1 MB)</noscript> </p> Thanks for any help, Michael Hi Guys, I am new at JavaScript and start to do some tutorials.What I am trying to do here is prompting user to input a name and if the name was valid the page(document) will display with all objects like the button.But if user enter a wrong name then the button will be disabled! I create the following code but it did not work <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>New Web Project</title> <script language="JavaScript" type=""> function changeColor(){ document.bgColor = "Gray"; } </script> </head> <body> <script language="JavaScript" type="text/javascript"> var person = ""; person = prompt('What is Your Name:'); if (person == "Foo") { document.write("<h1 />Welcome " + person); document.bgColor = "Yellow"; } else { document.write("<h1 />Access Denied!!!!"); document.bgColor = "Red"; document.getElementById("gree").disabled = true; } </script> <div> <p/><input id="gree" type="button" value="Gray " onClick="changeColor();"> </div> </body> </html> as you can see I used the: document.getElementById("gree").disabled = true; but it did not work , could you please give an idea how I can solve this problem? Thanks Hi, I have the following code snippet: test.html ====== <script language="javascript" type="text/javascript"> var testVariable = "test"; </script> <script language="javascript" type="text/javascript" src="test.js"> </script> test.js ===== var testVariable = window.top.testVariable; In firefox, I'm able to access testvariable defined within test.html in test.js. But in chrome, test.js couldnot get the window.top.testVariable field defined in test.html. Can any one please let me know how i can make it work in chrome?. Am i missing something here?. I want to insert this js snippet Code: function addText(smiley) {
document.getElementById('message').value += " " + smiley + " ";
document.getElementById('message').focus();
return false;
}
to a loaded iframe with name&id chtifrm. I can access it & change embed something in its html via using something like: Code: $(parent.chtifrm.document.body).append('<div id=\"smly\" style=\"cursor:pointer;float:left;top:200px;display:none;position:absolute;\"><\/div>');
.... Code: parent.chtifrm.document.getElementById('chatbox_option_disco').style.display == 'none'
but how do I insert js in the head of loaded iframe? Hi Guys I am trying to modify the functionality of my page. I want to be able to activate this piece of code using another javascript function. This is the code I want to activate: Code: <script type="text/javascript"><!--
$('#button-cart').bind('click', function() {
$.ajax({
url: 'index.php?route=checkout/cart/update',
type: 'post',
data: $('.product-info input[type=\'text\'], .product-info input[type=\'hidden\'], .product-info input[type=\'radio\']:checked, .product-info input[type=\'checkbox\']:checked, .product-info select, .product-info textarea, .date_data input[type=\'text\']'),
dataType: 'json',
success: function(json) {
$('.success, .warning, .attention, information, .error').remove();
if (json['error']) {
if (json['error']['warning']) {
$('#notification').html('<div class="warning" style="display: none;">' + json['error']['warning'] + '<img src="catalog/view/theme/default/image/close.png" alt="" class="close" /></div>');
$('.warning').fadeIn('slow');
}
for (i in json['error']) {
$('#option-' + i).after('<span class="error">' + json['error'][i] + '</span>');
}
}
if (json['success']) {
$('#notification').html('<div class="success" style="display: none;">' + json['success'] + '<img src="catalog/view/theme/default/image/close.png" alt="" class="close" /></div>');
$('.success').fadeIn('slow');
$('#cart_total').html(json['total']);
$('html, body').animate({ scrollTop: 0 }, 'slow');
}
}
});
});
//--></script>
And this is how I want the format of the function to be: function testsession() { if there is a session called 'hiredate' { activate the script above } else { var el = document.getElementById("product_data"); } } I just dont know how to write this in javascript Could you help me if possible please I got an index.php Code:
<html>
<form action="bacakomik.php" method='post'>
<select name="kodekomik">
<option value='../komik1/|23'>Judul Komik1</option>
<option value="../komik2/|20">Judul Komik2</option>
<option value="../komik3/|10">Juduk Komik3</option>
<option value="../komik4/|20">Judul Komik4</option>
</select>
<input type="submit" />
</form>
<?php
echo ('<select>');
echo ('<option value= "'.$i.'">'.'Page '.$i.'</option>');
echo ('</select>');
?>
</html>
As you can see, each of the option brings specific value "../komik1/|23" komik1 is a directory | is a delimiter 23 is the pages in one chapter and can be considered also as how many images are there on a specific directory This is my bacakomik.php Code: <?php
$dirkomik = $_POST['kodekomik'];
$exploded = explode("|", $dirkomik);
echo ($exploded[0]); //picture directory
echo ("<br>");
echo ($exploded[1]); //total page in the comic
$pagecount = (int)$exploded[1];
//Take last posted value, process it right away
echo ('<FORM name="guideform"> ');
echo ('<select name="guidelinks">');
$i=1;
do {
echo ('<option value= "'.$i.'">'.'Page '.$i.'</option>');
$i= $i+1;
}while($i <= $pagecount); //Printing option and select
echo ("</select>");
?>
<input type="button" name="go" value="Go!" onClick="document.getElementById('im').src=document.guideform.guidelinks.options[document.guideform.guidelinks.selectedIndex].value+'.png';"> </FORM>
<img src="img0.jpg" id="im">
With the current code on bacakomik.php, I only can change the img src of id "im" in the same directory only. What I want is that the Javascript could "add" the "$exploded[0]" variable so that the picture can be loaded from different directory. Anyone can do this? I believe that the fix should be somewhere on input tag inside OnClick, or do you know where? Anyway, I found this on the net http://p2p.wrox.com/php-faqs/11606-q...avascript.html Please help me to those who can... Hey, I've got to make the values of some textboxes change the co-ordinates of my sprite on a canvas and havent a clue on how to do it, Here is my form with the two textboxes and submit button: <form> x: <input type="text" name="x" /><br /> y: <input type="text" name:"y" /><br /> <input type="submit" value="Submit"/><br /> </form> And i need it so that they change the values of these: //this shows where my sprite will start on the canvas var block_x; var block_y; searched the internet for hours and cant really find anything i understand or works. any help is much appreciated All -- I have a JavaScript config file called gameSetting.js which contains a bunch of variables which configures a particular game. I also have a shared JavaScript library which uses the variables in gameSetting.js, which I include like so: <script type="text/javascript" src="gameSetting.js" ></script> <script type="text/javascript" src="gameLibrary.js" ></script> In gameSetting.js I have: $(document).ready(function() { // call some functions / classes in gameLibrary.js } in Firefox, Safari, and Chrome, this works fine. However, in IE, when it's parsing gameSetting.js, it complains that the functions that live in gameLibrary.js aren't defined. When it gets to parsing gameLibrary.js, the variables in gameSetting.js are reported as not being defined. I've tried dynamically bootstrapping the gameLibrary file using this function in document.ready for dynamic load... $.getScript("gameLibrary.js"); However, the same problem still happens in IE, where when it parses the files individually it's not taking into context the file/variables that came before, so it's not an out of load order problem. My options a 1) collapsing all the functions in gameLibrary.js and variables in gameSetting.js into one file. However, this is not practical because this is dealing with literally hundreds of games, and having a gameLibrary.js in ONE location for ONE update is what makes most logical sense. 2) figure out a way to get this to work where variables in file1 are accessible to file2 in IE (as it seems they are in other browsers). jQuery seems to be able to have multiple plugins that all refer to the based jQuery-1.3.2.js, so I know there is a way to get this to work. Help appreciated. Nero I wrote a log function that took note of various function calls. Thinking that functions are first class objects, and objects have properties, I made the name of each logged function a property of that function, e.g., brightenInnerPara.name = "brightenInnerPara"; Every browser I tried (Firefox, MSIE, Opera, Chrome, Safari) accepted the assignment, no problem. In Firefox and MSIE, the result was what I wanted: brightenInnerPara.name == "brightenInnerPara" But in the others, the result was: brightenInnerPara.name == null Question 1. Which Javascript is correct here? I favor Firefox and MSIE, not merely because they were willing to give me what I wanted, but also because it makes no sense to accept an assignment statement without throwing an error and then give it a null semantics, like Chrome, Opera, and Safari did. I found a workaround, using assignments like this: brightenInnerPara.prototype.name = "brightenInnerPara"; To my surprise, that worked in every browser. But I don't know why. It seems that such assignments are enough to cause each function to have its own distinct prototype. Question 2. Just how inefficient is my workaround, and why does it work? |
|||||||