I am using jQuery Validation plugin in a Drupal based website and it is working fine. Problem is I can't translate custom error message from .po file. I tried to using Drupal.t() function but no luck. When I use this function in console.log(), it gives me original message which is written in English but I want it should be translated in other language. Could someone tell me how to translate string from .po file to javascript. What I did as:
In Js file:
console.log(Drupal.t('Invalid Email Address.'));
In .po:
msgid "Invalid Email Address."
msgstr "ইমেইলটি সঠিক নয়"
Result: Invalid Email Address..
My Drupal version is 7.
First of all check string existence in "Translate" tab of "Translate interface" section (/admin/config/regional/translate/translate)
If string exists, try to reimport your .po file through "Import" tab (/admin/config/regional/translate/import). Perhaps, You will need to use potx module to create valid .pot and .po files
I am creating a app where users can comment on something. So to type the comment I have provided a textarea. Now I want to provide users with tagging functionality. By tagging I mean than when # is typed in the textarea automatically a list of all the users be shown than the commenter can choose a user and that username will appear as #username. Characters after the # symbol should work as typeahead. For ex: If I type #ma than only those users whose usernames starts with ma must be shown. I have a backend API for this. The API will return the results based on the typed characters.
How can I accomplish this in front-end ?
I am using angular js version 1.4.7
bootstrap 3.3.5
There are many libraries available for same. Some of them are as below.
https://github.com/jeff-collins/ment.io
https://github.com/alihaghighatkhah/angular-otobox
The details can be found here
I am trying to type into the language specified by the user according to the language selected. I got the following URL for the same but it supports only Farsi.
Change input to Farsi.
Please can anyone suggest me how to get this done or are there any online sources by which the languages be converted to js files to be referred ?
I have a parsed list/array of phone numbers and i would like to check each one if "isNumberValid()".
i tried some stuff but i guess im missing something important because im a begginer..
How would i do this in javascript there is no documentation for js.
I have a simple jsp that has 3 inputs (name, id and email) and a form submit. From doing some reading ,it looks like my input values should be encoded.How can I do this? Can anyone provide an example
For eg
<td><input id="email" name="email" value=""/></td>
<td><input id="fullname" name="fullname" value=""/></td>
<td><input id="userId" name="userId" value=""/></td>
<input type ="submit" value ="Get User" />
How should the email, fullname and uerId be encoded?
Also I have seen example as follows:
String safeOutput = ESAPI.encoder().encodeForHTML( Comment)
Should the encoding be done both to the HTML and to the java code?
I would appreciate some tips,as I am confused about this.
Thanks
Basically if someone puts any HTML in any of your parameters and you then display those on your site, their HTML will be parsed by the browser. They could use this to screw up your formatting, i.e. leave a B tag unclosed, or they could put in a script tag pointing to a script on another site.
The two most basic ways to protect against it are:
Check for < or > in any user input data, and reject the data if it contains either of them.
Nullify any HTML entered by the user by replacing all < and > with < and > or [ and ].
Those will work if you want to disallow all HTML. But if you want to allow the user to input some HTML, like safe tags (B, I, EM, STRONG), then you need a library that removes all HTML tags not on a whitelist.
You should ideally be using some security frame works like HDIV (HTTP Data Integrity Validator). We use it for
a large eCommerce application and just got our security review
successful.
Some great features
Java based
Supports frame-works like - struts/spring-mvc/jsf/servlets etc
In-built filters/interceptors for handling injections/XSS/CSRF attacks etc
Extract from HDIV site
HDIV is an open-source framework that eliminates or mitigates web
security risks by design for some of the most used JVM web frameworks
It is practically impossible to prevent people entering fragments of HTML in general text fields, because you might want to allow them to enter "special" characters, such as & < and >. So instead of trying to prevent or remove HTML, it might be better to ensure that when it is displayed, it is done so in a safe manner. The JSP c:out action does that. Instead of writing
<p>You said: ${userMessage}</p>
write
<p>You said: <c:out value="${userMessage}"/></p>