I wonder whether someone may be able to help me please.
I've been working on a Google maps application that will allow users to geocode and reverse geocode from the information they provide on a input form.
As it stands at the moment I have separate HTML and Javscript files, and, with thanks to some of the people on this forum they work fine.
However, I now would like to run these from my SQL server. Because I'm very new to programming in general and especially that around Javascript and google maps I naively thought that it would be a simple job of putting the relevant Javascript, HTML and PHP files on my server and everything would work.
How I was wrong!
But having looked at the web there seems to be a number of solutions to this problem.
As I said earlier this is very new to me, so I just wondered whether someone, with a bit more knowledge of this could point me in the right direction please, and whether indeed, it is better to amalgamate the Javascript and HTML files rather to perform some sort of conversion to enable me to use the Javascript files.
Many thanks
Chris
I'm not sure of your level of understanding, so I'm just going to start at the top and I apologize for covering something you already understand.
When you create your HTML and Javascript, let's assume it's in the same file for now. Your web application is going to get hit, and your server is going to take the request and serve the page up to the client. This will be in the form of the same HTML and script you typed into your IDE. Each inidividual browser is going to interpret that, format it, and basically build the page up to the user.
All of the javascript comes along for the ride, and is hooked up client side. Note that if your javascript is in a different file, it still comes along for the ride, as long as it's referenced correctly by your page. At this point your job is done. They can play with your page even without internet access, as long as they don't do anything that requires a post back to the server.
This means that as long as you can get your javascript to the user, your job is done.
In short, when you say you want to run javascript on your SQL server, we aren't sure what you're implying. There is no reason to run javascript from a SQL box. Do you want the SQL server to also serve your web page? Or do you have some code in javascript that you want to run over a dataset?
Related
A few days ago I decided to make my own "interface" to make it easier to organize (and work with) some of my personal files. You know when a lot of related data, pictures and links are right in front of you and you can change them in a couple of clicks, this is very convenient.
I started by studying HTML, CSS and JS, because I thought that the changes made to the local page would be saved somewhere on my PC so I can just run Index.html and do whatever I want. But they didn't. Refreshing the page erased all changes.
Using browser localstorage does not suit me, because if I change the browser, the data will be lost. I wanted it to just open with Index.html and work fine even if I change my browser or move the site folder to another computer.
Then I decided to learn more about server-side languages (such as PHP or Node.js) because they are directly related to databases, so I was hoping to save changes through them. But these languages required me to really open the server, with ip and port tracking. And I just wanted to open a local page through one file, without any ports or connections via the console. So this method scared me off quickly.
So is there an easy way to make a local page like this? Maybe I have not studied well one of the above methods and it has this opportunity?
Or the best I can hope for is a simple application that will use that local page as an interface to interact with data? I accidentally heard about this possibility a long time ago. Then I will ask you to give at least a hint as to which language to choose for this.
I don't understand well everything that lies outside of vanilla HTML, CSS and JS, so a complete study of a complex language like Java or Python will be too difficult for me, and the goal is not worth such a lot of effort.
I hope I understand correcly what you are trying to do.
If your goal is to make an application to manage your files, I think the simplest solution will be, as you said, to look into NodeJS and the File system api which will let you interact with your files through javascript code.
Your program will have to be in two part that will have to interact:
the "front" html page
the "back" nodejs script
The downside is that you'll have to go deeper into your study of the language to learn how to create the interactions you want between your html file and your NodeJS application.
However, there is no need to open your server to the web to make it work. The NodeJS application can be set to listen to requests from only the computer that runs it (localhost).
I obviously can't get too much into details without knowing precisely what you want to do but you'll probably have to learn to make a local server with node (search "nodejs http" or "nodejs express"), then make requests to it via the html page's scripts (search "ajax request").
What you need to look into are (web based) content management systems. like strapi or "grand old dame" WordPress.
I'm currently working on a Chrome Extension which searches for specific content within webpages.
Now, my idea is to build a Database based on the correctness of this search result (which would be verified by the users), so it can be more accurate in these searches as the database grows. Kind of like a Machine Learning process I guess.
I'm fairly new to programming and I would like your advice on what are the best possible ways to do this.
Currently I just have JS/HTML/CSS, and it seems to me that I'm gonna need some other language.
A single CSV that the Extension could read/write would be enough for this, I think. Or something with SQL.
Thanks in advance!
You have to compose and post a CRUD command to a web server page (a server you own or you controll)
That page can be written in php, asp.net..
Web server page receive the CRUD command and run the relevant statement on your database via OBCD driver (or other similar driver)
Normally the web server page then responds, as a result of your post, with a message (text, xml, json) that makes you understand if the command has been successfully executed or not.
EDIT 04/30/2021 16:24 Rome Timezone
you say:
which would be verified by the users
what did you mean exactly?
more users together contributes to make the shared database better ?
or every single user contribute by itself to make his own database better ?
if one then my previous answer could be a good start point.
if two, forget my previos answer a think to build a indexedDB within your extension.
Read a csv or txt file through XMLHttpRequest is not a problem, but how do you thing to write the same file with the same tool (XHR) ?
You could think about a Google public spreadsheet.
"Google Sheets" allows you through an "endpoint url" and a set of API to insert new rows\records and to read the entire content of the spreadsheet
or (if I remember correctly) part of its content.
I state that it's now 2 years or maybe more since I got interested in Google Sheets.
Based on the information in my possession, perhaps outdated,
I can tell you that "Google Sheets" it is a path that I DO NOT advise you to follow.
First, because spreadsheet url being public would allow an attacker to pollute your DB by inserting many rows\records
by simply typing a url in the browser's address bar or creating a simple bot that inserts thousands of lines in a while.
Second, because that set of API do not allow you to implement very sophisticated queries (certainly not at the database level).
If you are really interested in Google Sheets I suggest you check what I have just stated.
If you have to "waste" energy to learn something new
I would suggest you to give priority to SQL and then to a server-side programming language (php, asp.net, node.js)
However, a free space hosting service with php and mySQL support is not too difficult to find.
So. I have a working code for defining a user set variable.
Currently, I use the var data= prompt("prompt", "default entry")
for cleanliness sake.
Is there a way I could log this variable string to a .txt file or some information on my server so I could access the user's input?
This is for a Linux Based Web Server, but I do file management remotely through an FTP Server on Windows.
I am inexperienced in JavaScript, so I could be missing a glaring issue.
However, I have looked through much of Google, but I have not experienced any results with their methods.
No error messages come up on my console, on either end, with any of the methods I have tried. A couple of methods remove the prompt entirely.
No file has shown up with any of the methods I've tried so far.
You need to be running some kind of server side application, this is a topic way out of range for a StackOverflow question as you could choose a huge range of different technologies from Node.JS, ASP.NET Web API, Java, PHP and a huge list more.
One quick way I would recommend is read up on Node.js, create an end point expecting a post and just put an action on your form pointing to the end point and then log the contents of the post to a text file.
The proper solution would involve setting up a database but is way more involved.
Is it possible to not allow people view one of my website's JS file?
Demo:
http://js.maxmind.com/js/geoip.js
If you copy the URl and paste it in the browser, it will say "Unauthorized". But if you put it inside the HTML, it will do it's work.
Can I do that with my code.js file?
JavaScript is an interpreted computer programming language. It's not being compiled and it runs on the client's browser/computer, therefore, the client must see the script in order to execute it. That's why you cannot hide the code.
You can define in your server folders as restricted and that means the user can not access them directly, but when the browser loads the page it have to load all the components such as images, css files, js files etc...
If the browser can load them, it means the user can see them as well.
For example, you can also define that users are not authorized to see any .jpg files but they can easily save any image. Actually the browsers usually saves the images anyway on your local computer and cache them, so next time you load the page, it won't have to download files that weren't changed again.
As others already mentioned, trying to hide a js code is very bad practice and you need to avoid it. If you want the make the life hard for other developers that wants to copy your code you can use this site to obfuscate your js code, but remmeber, it only makes it harder to read by humans, it does not provide you any security.
First, let me explain loud and clear: that is the worst security I can imagine for what it is trying to do. It is just shouting, "HEY NOBODY LOOK AT THIS INSECURE FILE."
Your question has been viewed 41 times so far. That means up to 41 people are wondering what that mysterious does and probably half of them can find easily out. In short, don't do this.
There is no client side security. I refer you to this answer, for instance.
As for how to implement the situation, as noted in comment it's probably done by checking the referrer header. To find out fully check the request headers in the dev tools in your browser and compare to the request headers used by curl (e.g. by using a post bin).
It is not possible to not allow people to view one of your website's JS files.
To be more precise, if someone can execute your JS file, they can view it.
Although you cannot prevent a user from being able to look at your javascript you can make it extremely difficult for them to understand what they are looking at through obfuscation or minification, for the latter there are many services that will do this for you; look at this for example. As for obfuscation I don't know of any way to do it automatically but it would be a similar approach.
If you have information in the javascript that you truly cannot allow a user to see, then I would suggest moving it into the server side code and only pass to the javascript the absolute minimum. As I am not sure what you are using on the server side I cannot give you a specific example; however in the past when using MVC I achieved this by passing the values I needed either to a hidden input ( if the value needed to be posted back with a form) or through jQuery.Data
I've developed a system that polls a server and injects the response JavaScript into the clients web page. I want to obfuscate the JavaScript the server serves, but I also want to know if there is a tool that dynamically obfuscates it according to a token or key. Meaning every new session gets unique scripts that will only work with that client during that session.
If this doesn't already exist, could someone maybe provide me with a link on how to write my own JavaScript obfuscation tool.
Chris, I encourage you to look at this a different way.
First of all, your problem seems to be that you want to display something on your web page, but you want to disguise the methodology that it got there. The absolute best way to do this is to execute all of your code on the server.
This frees you up so that you don't have to obfuscate anything. Any Javascript that you execute would just be working on raw data anyway, and wouldn't be anything specialized that a hacker could do anything with.
A hacker could not see your business processes if all of the work was done on the server.
So, you can make an Ajax call out to the server, which executes the code, and returns HTML or JSON data that your app can then use to place on the webpage. The hacker has nothing to go on, and you don't have to build obfuscation into anything.
Heres a page that encrypt javascript acording to a key
http://scriptasylum.com/tutorials/encode-decode.html
Something you can do, to hide your javascript, is to send it this way:
<?php
header("Refresh: 0;javascript:document.writeln('');");
?>
your js code here
I have not tried it,but I think It will create a empty page wen viewed by a browser.