Ok so I am tasked to work with this third party vendor that shows movie times on their end. We have the chance to co-brand our site on their end, so in order to do that we need to create a wrapper of our site so that the movie times can show inside the wrapper so it still looks like your on our site. One option is to have a header and footer included via js external file, that way we can make changes on our side and the updates will show on their side, so we dont have to send them a new header/footer every time we make updates to the wrapper. They suggested we do it this way:
<script src="http://oursite.com/header.php"></script>
<script src="http://oursite.com/footer.php"></script>
So I have raw html in header.php hosted on our side and then I added this in the header before anything else:
<?php header("Content-type: text/javascript"); ?>
However when the page loads I get this error:
SyntaxError: syntax error
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" xml
Im assuming there is a problem having raw html code in a js file? If so is there anyway around this?
You should add a link to proper javascript that push desired html to the page.
<script src="http://oursite.com/[somejsfile].js"></script>
You can get help from this answer on how to insert html elements using javascript
If you are going to use javascript to call an external file you need to use ajax. The problem then lies that you are taking about your site and that cannot be done when your domains do not match.
If you do it in the manner you have included you must declare the html in javascript variables then, on load push the data to where it needs to go.
var html = '<html> YOUR CODE WATCH OUT FOR SINGLE QUOTES </html>';
//check for load with jquery
$(document).ready(function(){
$('#header").html(html);
})
Related
I have a menu that appears on all my pages. It contains php for passing filenames to url's as follows. Here is a snippet...
document.write('<li>abc</li>');
document.write('<li>def</li>');
document.write('<li>ghi</li>');
It includes css and that works fine.
I have saved the menu as a seperate .js file and used...
<script src="js/menucss.js"></script>
...to load it from each page that I want it to appear. The menu displays and the css works fine - however the php does not parse and the page shows the php markup. What am I doing wrong?
Thanks in advance.
Neil
You shouldn't do it like that.
Have a page called menu.php saved somewhere, which includes:
<ul>
<li>abc</li>
<li>def</li>
<li>ghi</li>
</ul>
Then include it, on the server side (index.php):
<html>
<head>
<title></title>
</head>
<body>
<header>
<?php include("main.php"); ?>
</header>
</body>
</html>
This approach is far superior:
It does not require an extra request to get the data.
There will be no flickering or awkward moments of data loading, the menu would appear as if you've coded it directly into the page.
It's much faster.
It doesn't use JavaScript, which the client can choose to disable.
You confuse server side and client side. PHP is about server side and PHP code it is interpreted on server. JavaScript is about client side, and JavaScript runs when user already has gotten html page, so when you dinamically add php in html on client side by JavaScript it cannot be run.
From what I understood I think that you are Trying to run PHP inside a .js file.
You should include that code in a PHP file.
The problem you're experiencing is probably due to the fact that you're attempting to run PHP on a .js file, and your server is not configured to it.
Change the file's extension to .php and use:
<script src="js/menucss.php">
I need one advice from you. I am working on a website, which uses PHP and HTML. As the biggest part of the header and footer code will be same for many pages, I am thinking of using PHP's include to avoid code duplication. But, each of those pages requires different stylesheets and JS files included. What do you think how could I let the other file know what scripts and stylesheet to import?
Our company does this:
The header reads the filename of the page calling it when it's included.
Then, it changes the extension to '.js' and outputs that if it exists. Same for CSS.
So if I have a page "register.php", it will auto-include "register.js" and "register.css" if they exist.
Here's what I do:
<?php include("includes/headContent.php"); ?>
<title>Page title goes here!</title>
<script src="script_only_used_on_this_page"></script>
<?php
require_once("includes/siteHeader.php");
?>
Site Content Goes Here!!
<?php
require_once("includes/siteFooter.php");
?>
Head Content includes any PHP I want included in every page, as well as the opening html and head tag, and any Javascript libraries and css stylesheets I want on every page. Site header closes the /head tag, and opens the body as well as printing out my site header and some other markup that goes on every page. Finally Site Footer closes out my template. Everything in between is my content area!
There are lots of different ways you can do templating, if you wanted to create a simple include and an echoHeader() and an echoFooter() function... just have the echoHeader function accept a parameter which you would pass your javascript and CSS lines to.
you can use MVC coding pattern
I am using a WP template that allows me to incorporate arbitrary HTML. Unfortunately, I have to use this particular widget and can't use other WP widgets.
I have on my webserver /some/path/serve_image.php that spits out a random HREF'd IMG SRC with a caption and some other info from a MySQL query.
Now...how can I say "take that output and treat it as HTML"? If I just put "/some/path/serve_image.php" I get that literal string.
I tried:
<script type="javascript" src="/some/path/serve_image.php"></script>
but that didn't work. I tried changing everything in serve_image.php to be document.write() calls and that didn't seem to work either. I'm not the world's greatest JS guy...
So if I have a URL on the net that spits out some HTML and I want to include that HTML in my web page, what's the best way to do that? Sort of like what Google does with Adsense - you source their show_ads.js.
Why no? Add
header('Content-Type: application/javascript');
And output JavaScript Like:
echo("var image = \"".$images[array_rand($images)]."\";");
echo("$('img.randim').attr('src', image);
No. JavaScript and PHP are two completely separate languages. In fact, if it was JavaScript, you aren't even loading it the right way.
<script type="text/javascript"></script>
The way you're trying to do it would throw a parse error, because it would try to use the PHP as JavaScript. Some browsers would even reject it, because PHP files have a text/html MIME type, while JavaScript should be application/javascript.
PHP has to be done server side, so loading it in the client just doesn't work.
What I think you're after is this:
<?php
require('/some/path/serve_image.php');
?>
Just place that wherever you want the image to be.
I am having difficulty trying to get modernizer to run with codeigniter.
this is what I've done so far.
downloaded Modernizr and renamed the file modernizr-1.5.min.txt to modernizr-1.5.min.js
put the JavaScript file in the same directory as my header file is: apppath/views/tops/
included the file in my headings <script src="modernizr-1.5.min.js"></script>
included this in my HTML element <html class="no-js">
just to preserve my sanity I put the JavaScript file modernizr-1.5.min.js in my views directory and in the application directory.
I am getting absolutely zero response when I read my page source to see if the has been replaced with the elements that my browser covers the wave modernizr is supposed to work. I have tried this using Firefox and chrome as far as reading the source.
any suggestions? Thank you in advance
why would you put javascript files ito the view folder of your app? i would rather use this path "/media/javascripts/modernizr.js" and then <script src="/media/javascripts/modernizr.js"></script> link it like that. the view folder is only for templates. other thing is that you will never see the changes that javascript does to your page in the pagesource. because it only shows you what html the browser received. and javascript starts to work after the browser received the html. you need to install firebug to see the "live" dom.
I have some javascripts that I am using in my files. But when we view the source code it shows our javascript as it is. Is there any way with which we can hide our javascript from showing up in the browser using php.
There is a free javascript obfuscator at javascriptobfuscator.com. It will not prevent dedicated people from "stealing" your code, but normal copy&paste will not be easy.
Also see this question: How can I obfuscate (protect) JavaScript? . It contains some very good answers and also explain how this is security through obscurity.
That's how it works, it visible to everyone.
You can obfuscate it, though.
As Javascript is executed inside the browser, on the client's machine, it has to be sent to that client machine.
So, one way or another, the client has to be able to read it. So, no, you cannot prevent your users from seeing the JS code if they want to.
You could obfuscate it, but someone who really want to get to your source will always be able to (event if it's hard)... But the thing is : why would you prevent your users from seeing the JS source code if they want to ?
As a sidenote : with minified/obfuscated JS code, when you'll have a bug, it'll be really harder to track down... (and you really have to keep a no-obfuscated version on your development/testing machine)
I recommend minifying it and that will remove the comments and white spacing from your code. If you don't want the names of the variables visible then you will need to obfuscate it.
I'm not sure if this will work, I may try it sometime. But basically:
<script type="text/javascript" src="MyScript.php"></script>
In the PHP file add some sort of refering to check what page requested it or what the last page was. Then if it was one of your own pages, then echo the JS, if not then don't echo it. It will still be possible to read the JS, but even harder than just viewing source and de-obfuscate it. So you could also obfuscate the code inside the .php file.
no. javascript executes on the client side.
There is another way of hiding the Javascript for the most simple users
Just test here to try finding the javascript behind the textbox...
Yet, the script is still visible for experienced users -see the bottom of this post to understand why-
The idea is to put your javascript functions in a separate ".js" file. When loading your source PHP or HTML page, instead of calling it directly with
<SCRIPT language="JavaScript" SRC="original_file_to_hide.js"></SCRIPT>
, you will include a header php script that will copy the "mysource.js" file to a random "kcdslqkjfldsqkj.js" file, and modify your HTML file to call
<SCRIPT language="JavaScript" SRC="temporary_copy_of_the_file.js"></SCRIPT>
instead. After that, just delete the copy kcdslqkjfldsqkj.js file on your server, and when the user will look for the source code, the browser will link to a vanished file !!!
So this is for the theory, next, there is a small issue to workaround : if the HTML/PHP file is loaded too fast, your script will be vanished from your server before the browser had time to load the script.
Thus, you need
To copy the file to a different random name
To load the file in the source PHP file
To wait a few seconds after your HTML/PHP file is loaded before...
...Deleting the file
Here is the source for the HTML/PHP "test.php" page which is to be displayed to the end-user:
<?php
//javascript source code hiding technique : Philippe PUECH, 2013
//function thanks to Stackoverflow, slightly modified
//http://stackoverflow.com/questions/4356289/php-random-string-generator
function RandomString()
{
$characters = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
$randstring = '';
for ($i = 0; $i < 10; $i++)
{
$randstring = $randstring.$characters[rand(0, strlen($characters))];
}
return $randstring;
}
//simple header script to create a copy of your "precious" javascript ".js" file
$original_filename="functions.js"; //find a better (complicated) name for your file
$hidden_filename=RandomString().".js"; //temporary filename
copy($original_filename,$hidden_filename);
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Catch my Javascript if you can !</title>
</head>
<SCRIPT language="JavaScript" SRC="<?php echo($hidden_filename); ?>"></SCRIPT>
<script type="text/javascript">
</script>
<body onLoad="javascript:testfunc();">
This is the page with anything you like !
</body>
</html>
<?php
sleep(1);
//you can comment following line
echo "finished !";
unlink($hidden_filename);
?>
Here is the source for the "functions.js" file which will be hidden to the user.
// JavaScript Document
function testfunc(){
alert("It works...");
}
However, as told in the comment, the developer tools of the browser will keep the script in memory, and make it still visible to the curious users... ;-((