i have a js array like this:
var myArray = [];
myArray[1] = 'test';
myArray[2] = 'test';
-i want to hide it from users to see it. how can i store just the array in a php script and call it?
right now i have the .js separate from my form. and i just call it. but anyone can easily view source and visit the url using the .js name
-another question i have is to hide a url values from the user. i have something like this:
www.test.ca/people.php?id=12
i want to hide the values. thanks
For the JS code, if the browser has to execute it, then the user can see it. Not much you can do.
If you want to carry values between pages and you don't want them to be seen, don't use a query string -- use PHP sessions instead.
All Javascript code is viewable from the client. There really is no way around this.
Even an AJAX call can be viewed via a good browser plugin.
Javascript is a client-side executed script, so you won't ever be able to hide it.
You can encrypt it, you can make it difficult to view it, but that's pretty useless.
Just put it in your sources, or if you want to hide it a little further, get the array with an AJAX call, and make the call show nothing when it's not called with AJAX (the array can still be revealed with developper browser plugins, or with being hacked adding extra headers.
Here's the PHP condition code : if(isset($_SERVER['HTTP_X_REQUESTED_WITH'])
Don't try to make it harder then that, it will be a waste of time.
Think that the browser is a transparent box. Everything you want to hide, needs to sit on the server.
If you want to send data across multiple pages, you have two options -
Use PHP Sessions
Use hidden fields
I would recommend the second option, because PHP sessions have the same problem as using a global variable, i.e., you can't use the same key in the whole applications, it is harder to maintain a session etc.
You can't hide a JS code from the user, because the browser will certainly execute it.
Related
This is my first question on this site, so I'm going to try to be as specific as i can... By the way, excuse me for my perfect knowledge of English... which isn't perfect at all..
So what I was wondering is: do php variables persist if you change your page's content, using AJAX methods?
Let me explain: I want to code a web app which has to contain a main layer, containing a few tabs. The user has to be able to write stuff into text areas in one tab, switch the tab, and if he wants so, come back to the first tab to complete what he wrote before (also the app has to keep the php variables that it created previously right?). The app also has to put all the data, entered in all the different tabs, in one or many databases, when a summit button is clicked; so it has to access all the variables created before.
I just don't have any code at this moment, but I want to do a specification file before starting to code, because what I am about to do is kinda massive app, so i hope you will be able to explain me this point.
I still thank you for your help.
You would be best to consider the PHP script as a one-off thing. It does what it is asked to, then terminates. Nothing is preserved.
However, if you NEED to preserve something to pass back with an AJAX call, you can do it by including:
<INPUT type='hidden' id='my_variable' value='my_value'>
This can be referenced by the javascript that calls your AJAX PHP page and thus be passed back.
For what you require, as #AlexP said, you can simply change the visibility of each tab content area with:
<SPAN onclick='toggle(this.id)' id='tab_1'>Tab Name</SPAN>
or similar. Your JS function might include something like:
for(n=1;n<=numberOfTabs;n++)
{
document.getElementById("div_"+n).style.display="none";
}
document.getElementById("div_"+passedid).style.display="block";
though there are other ways of doing it.
Perhaps what you REALLY want to do is save the entered data into a database field frequently (or even continuously).
I thought I should ask this before moving forward with my scripting project and later on realizing that I might be doing something wrong. Might as well save my own time in the first place by checking if what I'm doing is indeed correct.
I'm pretty new to PHP and JQuery and still getting the hang of them both. I recently came across a problem in which I wanted to run some PHP code after executing a certain function using JQuery, so after doing some reading online I got the idea to create a PHP file which does just what I want to do and POST to it from my JQuery function with the needed variables. That way I achieve my server-side and client-side goals on the same time. However!
It doesn't look right to me. At all. I find myself having at least ten include files for one simple page. Those files get included in my HTML code when the form loads, and after refreshing a certain DIV with my JQuery function, they get reloaded. That way I can keep my script dynamic, I doubt there's something else I could do in order to keep it that way.
However I often need to update stuff after executing a certain JQuery function, hence I call a similar file to the loading one, but this time it's a file which I transfer some parameters to (using the POST method, through JQuery), and execute the desired action in the file itself.
Now, after briefly explaining my current situation and method of work, I'd like to know if what I'm doing is correct. In case you're still wondering what the hell I am talking about, I'd like to explain in detail what I mean:
Let's say I have my index.php file which prints data from my database and some additional lines as well. Once I click one of the page buttons, I want to update my database according to the form I've got implanted in my page as well, and then reload the DIV which contains that data ONLY. I do not want to reload the entire page.
Now if I wanted to do that without JQuery that would have been easy. I would POST the data to the same form and update it if the POST parameters are indeed valid. However, there's no way to refresh that DIV without JQuery, so I came up with something similar to this:
$.post("/files/dosomething.php", { taskID: _taskID }, function(){
$("#div_tasks").fadeOut(800, function(){
$('#div_tasks').load('/files//load_div_A.php', function(){
$("#div_tasks").fadeIn(1500);
});
});
});
That's what I've been doing in my last week of learning PHP and JQuery. Now before I proceed any further than this, I'd like to know if it is indeed the right way to achieve my goal.
// EXAMPLE B:
I've got a DIV in my HTML code which prints a table of tasks, for instance. How do I print it? I include a file which echo's the table at the exact point where I want the table to be displayed. Then, in each row, there's a button called 'delete' which removes the selected row from the database. What I do is, using JQuery (due to the fact I want ONLY that DIV to be refreshed), I call another external file calling remove.php and send the index of the task I'd like to remove using POST. The file performs the server-side code and once it's done, I load the updated table into that DIV by calling the file I used to call in the first place from my main page. This time the table will be updated due to the fact it will read the updated data from the database.
Is that how I get this done? Is this the right way? It just doesn't seem right to me. I've never been codding that way and it seems a little bit messy.
Thanks in advance and sorry for the long ass question.
The problems you describe are exactly what the separation of concerns patterns (like MVC) where designed to tackle.
In your case from display instance to display instance the only thing that changes is how the response must be formatted and provided back to the user.
I would highly recommend looking at some of the more popular and well documented MVC Frameworks for your project (or if for nothing else just to play with and draw inspiration from, most of them and some pretty easy to follow starter tutorials you can run through in an hour or so).
It seems to me you are viewing the problem in a mindset compatible with these approaches and it probably feels clunky to you mainly because you are missing a lot of the structure and tooling that these frameworks provide.
If I am understanding the question correctly. I would think that it would be easier to post(using jQuery) to another script that performs the action you want to perform and only returns the result(html/json data) that you want. Right now you are making two requests to the server for something that seems to be tied together.
My suggestion would be to call one PHP script that performs the specific action that you want to perform(say an update to a news item for an example). Then return that data only in your response and then format that data how you want to in your div using jQuery.
$.post("/files/writetodatabase.php", { taskID: _taskID }, function(data){
$('#div_tasks').html(data) // this is assuming you return html, other wise you // could return JSON data and use it here
});
I tried to make that as clear as possible, difficult to explain when typing.
I'm trying to emulate the upvote/downvote system used on the SE sites. Each of my pages have a score which users can upvote or downvote.
The arrows are images with onclick links to javascript functions. I need to find a way to dynamically change the score without refreshing the page and then run a script (probably PHP) to increment the score in the server's data files.
Is javascript the best way to do this? I'm not that big of a fan of letting users see the source for my functions.
This is only possible using Javascript.
Don't worry about users seeing the source; as long as the server is secure and well-designed, it won't do any harm.
You should only implement display and validation logic in Javascript; everything must be validated again on the server.
Welcome to AJAX.
The easiest way to do that is to use jQuery and its $.ajax method.
See http://api.jquery.com/jQuery.ajax/
It's as simple as
$('a.upvote-button').click(function() {
$.ajax('/posts/123/upvote', {type: 'post'});
return false;
});
Yes, you need javascript (or something considerably less sane) to do this. Namely, you need an AJAX callback.
I'm not that big of a fan of letting users see the source for my functions.
The client-side source of your "function" would be ridiculously simple. It could be as simple as:
$.post('/1234567/vote/up')
You may use a direct link to a php script (and form post values) instead, and without a javascript library it would be a few more lines, but you shouldn't need to expose anything of value in your javascript.
Use javascript. JQuery is an excellent choice for manipulating on screen content and interacting with a server via asynchronous calls.
I have a little bit of a conundrum. Basically I'm developing a WYSIWYG Editor plugin for jQuery specifically for my web application. One of the features will be inserting an inline image tooltip based on the images a user has uploaded. For example:
Hello there my name is [i="profile_pic.png"]A. Username[/i]
The part that I'm having an issue with is, when defining which images are available to a user, whether I should insert the PHP array directly into the Javascript like so:
var available_images = "<?=json_encode($User->Profile->images)?>";
or to go for an Ajax GET that returns an encoded array of the image sources? I think the inline php makes more sense since it removes the need for an unnecessary ajax call but I didn't think that inserting inline php into javascript is terribly good form?
Any suggestions?
There's nothing wrong with inserting data collected by PHP into JS, how else would JS get the data? The only reason you should consider the AJAX call would be, if users could upload new images while they are editing. This would mean the information needs to be updated, which would make the AJAX call more appealing than the static JSON on page load.
Unless the array changes in any way over the life time of the page, then I'd spit out the array exactly as you suggest in your code snippet. There isn't any real benefit to having an extra ajax call because the size of the array I'm guessing won't be so huge as to impact the initial page load time.
If you look around the Stack Overflow pages and do view-source, they do this sort of thing all the time.
If the amount of data is huge and maybe adds a seven or more seconds to the page load time then I'd consider an ajax call. At least the page is rendered and the user has something to look at, meanwhile you can have a throbber image with a status message saying loading or whatever.
I'd also say that I see a lot of unnecessary ajax goings on just for the sake of it. It's like premature optimisation, people adding complexity to solve a problem they don't have. Start off simple as you're doing, if you're having response time issues down the road with the said page, then consider what benefits ajax will bring to the table.
Do you always get the array of images, or only sometimes (e.g. in response to a user's action)? If the former, I'd say do it inline. Otherwise do it as AJAX. i.e. only do it by AJAX if it'll reduce your traffic etc. But if you have to always do it, I don't see any advantage. I don't see any problem with mixing inline php and javascript, other than it means you have to do your javascript inline too instead of in external .js files that can be cached (or at least the part where you populate your array).
How can I transfer an array from an IFrame running a php script, to the parent PHP of the IFrame?
I have an Array of strings in PHP that need to be transferred to the main window so that when the iframe changes pages, the array is still stored.
I could use a cookie for this, though I'm not sure that would be the best idea.
Thanks.
you can't do that in php. iframe is like a new browser window, so they are separate requests. separate requests can not transfer data between each other in a server side language.
if you give some detail as to what you're trying to accomplish, there may be another way around the issue that someone can suggest.
Like Tim Hoolihan said, PHP is a server side language that is only responsible for generating the HTML before it is sent to the browser. Meaning once the page shows up in your browser window, PHP has done it's part.
However, with that said, if you control both the "parent" page and the page being iframed, you can json_encode the array in the page being iframed and set it to Javascript variable, then on load pass it to a Javascript function on the parent page (assuming not violating any browser/domain sandbox constraints). At that point you can do whatever you want with it.
Take a look at jQuery for your core Javascript/Ajax needs.
if you control the iframe, you can save the array in a session variable and make the parent do an asynchronous call to retrieve the array from session.
however Jordan S. Jones solution with only javascript works as well