This question already has answers here:
What does "javascript:void(0)" mean?
(14 answers)
Closed 5 years ago.
In HTML you can write href="#" to prevent a page reload, however in php this doesn't appear to work. Is there an alternative?
It adds # to the existing url, but that's not what I want. I also don't want to remove the href since it replaces the cursor with a select text cursor, and I don't really want to be changing my css for what should be basic php.
I'm sure im just doing something wrong anyway. Thanks!
By using a hash you're attempting to tell the browser to navigate to an anchor on the page. If you want to cancel the default behavior and not modify your CSS simply void the anchor's behavior with Javascript:
...
There's a very good description of what this does and why you would use it here: What does "javascript:void(0)" mean?
Not be the best. But if I had this issue, I'll use onclick
texts
Online Preview
Related
This question already has answers here:
What is the "?" symbol in URL used for in php?
(7 answers)
What the meaning of "?" in the PHP URL [duplicate]
(7 answers)
Closed 4 years ago.
I have the following problem:
I use a template page for a specific application, and for the login through "steam" there is a button. The button refers to a php file, and in the php file you can find the following line of code:
<a href="?login"><div id="sign-in-steam" style="margin-left: 74px;color: black;">
What does the "?login" exactly mean, I know it stands for a file but I cant find a file named like that, can anyone help me out?
The part behind the question mark in any URL is the Query String as per RFC 3986 section 3.4 and hence is not a PHP functionality (even though PHP can read it, see PHP $_SERVER superglobal docs, especially $_SERVER['QUERY_STRING']).
The hyper reference
?login
refers to the web-apps main page, which gets called using the parameter login a a GET parameter.
Quite likely, this would call the same script equivalently:
index.php?login
This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
JavaScript for detecting browser language preference
How to getting browser current locale preference using javascript?
I have a wordpress website that I am in the works of localizing. I don't really have much php or javascript knowledge, and don't really know what I am looking for in terms of doing this.
I have a support tab that users can click to go to my helpdesk. I can create multiple tabs for different languages and get the code to display it.
So my question is: Is their an if then statement in javascript that I can use to help detect the language of the browser and display the correct tab? Or is their a better way of doing this? Since my localized domains format is "ru.domain.com" I could even have the if then statement check for the language code in the current page url. Any help would be appreciated.
This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
Display “Enable JavaScript” message only when JavaScript is disabled
I have a php document which contains both php and jquery coding. My question though is that is there a way in php where if the brower's javascript is disabled, that it displays a message stating "In order to use this application without any problems, you must have javascript enabled"?
Can the message appear straight away when the user has disabled javascript?
Thanks
You can use noscript tag tyo detect if JavaScript not supported.
<noscript>Your browser does not support JavaScript!</noscript>
Use the <noscipt>In order to use this application without any problems, you must have javascript enabled</noscript> Tags
Anything surrounding by <noscript> tags is executed in the case of JavaScript being disabled, so you can simply display a warning from within a noscript block.
<noscript>In order to use this application without any problems, you must have javascript enabled</noscript>
This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
How to protect my source code when deployed?
Can you give me some suggestions on how to secure a piece of code (credits, footer) from being removed?
It's just a text saying "Made by", bla bla...
If a user removes that piece of code, I want to force it back on the place or to display a warning message.
How about populating a div using javascript? Most users that will hack your theme/code won't understand where its coming from. Try something like appending the div to your body tag so even the div isn't written in html of your code. This might prevent a lot of efforts to remove the credits. What are you building exactly? What is the context? Is it a theme for a cms?
This question already has answers here:
How to prevent XSS with HTML/PHP?
(9 answers)
Sanitizing HTML input
(5 answers)
Closed 9 years ago.
I want to provide an HTML editor on my site, but don't want to open myself up to xss or other attacks that come with allowing user-generated HTML.
This is pretty similar to what Stack Overflow does. How is the HTML checked/sanitized here so that the styling information still remains, while other, more dangerous stuff (like javascript, iframes, etc.) are kept out?
Are there any libraries (preferably in PHP) that already do this?
PHP has a function strip_tags that strips HTML and PHP tags from a string, and allows you to specify certain allowable tags. But as #webarto states, there are libraries that do this better.
From the PHP Manual.
Your can use
strip_tags($yourData,"<a><p><div><i>") // more tags you want to keep;
If your using SQL too use
mysql_real_escape_string($data);
This is really all you need to not get injected. Do keep in mind, when using mySQL real escape you need to use strip slashes to remove them when you echo them out.
Here are the docs for strip tags and the docs for mysql escape.
If you wish to allow some (X)HTML and restrict only tags viewed as unsafe, you can use something like KSES. Wordpress uses a solution like this.
http://sourceforge.net/projects/kses/
In addendum to Whymarrh's post, suggestion is to have the code work take place in a subfolder of your site, and auto-alter any code that has "..", or "http://" or any mysql commands.