I'm trying to make a page with 2 fields (email and feedback) and 1 button. When the user clicks on the button, a table on a page else where is filled in with the data, permanently.
Does anyone have recommendations of how I should do this? I'd like to avoid having a script send me an email, or writing to a database. But if I have to, which ever is easier to configure would be prefered.
Thanks,
Matt
So you want a comments system like you find on most blogs? You'll need to store those comments somewhere, probably in a database. As for how to do it, that would depend entirely on what you already know and what the site is currently written in. You could use PHP and MySql if you already have those skills, or ASP.Net/SQL Server, or if you want to be down with the cool kids you can use Ruby on Rails or Python/Django.
If you post what languages you already have experience in, and/or what the site is written in you might get a more specific answer :-)
There're 2 types of scripts: server side and client side. The client side script (JavaScript) stores info only for particular visitor on his computer and this can't be seen by anybody else.
You need a server side script to save feedback on the server. The language or technology depends on the hosting server you use. Not all hosting services allows server side scripts. You need first to find out what scripting languages and technologies are supported by your hosting provider. Then we can help you more.
ADD:
For an unexperienced persons I recommend to search for hosting services which has most needed functionality. Something like blogs, etc. On such services you could create pages that will have comments and feedback and many more.
While it may seem outdated it's not necessarily a bad design. You can use PHP or Perl (due to it's string parsing capabilities) and simply store the main page on the disk.
Here's your sudo code/design...
You'll need need an html page that looks as follows
<tr><td>email</td><td>comment 1</td></tr>
<tr><td>email 2</td><td>comment 2</td></tr>
<tr><td>email 3</td><td>comment 3</td></tr>
Then you'll need a php script page that will read this html file in and display it.
The php page will also contain code for dealing with a user submitted comment. When a user posts a comment you need to open the html page with the rows in it and append to that file.
You need to be careful with this design however because you may run into write concurrency issues if two people attempt to read the file at the same time. Add code to handle this gracefully accordingly.
Related
I am creating an epub3 with a form inside. Is it possible to save the information that was inputted in the form locally when the user is offline and send it to a web service if the user is online?
THIS is a good question! Finally...
OK, for the first part of your question (saving the information) you can use localstorage, for some great info on that go here: http://diveintohtml5.info/storage.html.
The next part of the answer is not quite so simple: ideally you could just use some sort of try catch with an XHR request, but chances are that won't work because most ePub3 readers (actually, pretty much all of them except Readium) don't support XHR or external request functionality. See this post for more info on that: http://beneaththeink.com/blog/who-supports-epub/.
If you want your book to be distributed through any of the "normal" channels (pretty much just iBooks since you need Script support at this point) you won't be able to send the data at this point in time...
However, if you will be distributing the book yourself for use on Readium and iBooks (or if you want to plan ahead and hope for support) there are a few hacks you can do. My personal favorite, is embedding the data in a media request (IE www.yoursite.com/fake.m4v?data1=localStorage.data1&data2=localStorage.data2) and pulling out the data on your server. This would be nested in a try catch and activated whenever the book is opened.
If you include the base url (www.yoursite.com) in the .opf file, as well as at some point in the chapter which contains the script, this will work in iBooks! If you don't include it in the .opf the request will get blocked right out of the gate... For more information on why this won't work in the actual iBookstore check out this post: http://beneaththeink.com/blog/external-video-in-ibooks-epub-files/.
Best of luck!!!
I had an idea about website vulnerabilities, and I would like to know if it is possible. Also some suggestions on how to fix them.
If some part of my website writes data to the DOM and then calls the data back from it, would it be possible for someone to “hack” the server by editing the DOM in the browser?
For example, suppose I have some radio buttons. Each button has its own logic associated with it. If I remove one of the buttons, but fail to remove or comment out the logic, could someone go in and edit the DOM name of one of the buttons to the removed one, and upon submission have the server execute the logic associated with the removed radio button?
I understand how to fix that situation, by removing or commenting out the removed button’s logic, but I fear my site relies too heavily on such things that could be manipulated via the DOM. Hence, I’m wondering:
Is such a thing possible?
Is some complex validation method the only way to prevent “hacks” of this nature?
The answer to your question is yes. For example in many browsers you can open a javascript console and change not only the DOM but also the javascript on the site.
There is no guarantee that the code you write for a webpage will be run as you code it. Any user can change their copy. What they should not be able to do is change other people's copy. When they do this is called a cross site scripting (XSS) attack. (Typically done by adding script to a field which is saved in a database server and then served to another user.)
To protect your site you need to ensure that all web service calls are secure -- that is a user can't call them with malicious data and cause problems.
You also need to block against SQL injection attacks.
There is NO way to protect against a user changing the web page on their machine and having it do something you did not intend, so all validation needs to occur both in the browser and on the server.
As an example of how easy it is to change the local browser behavior, consider the browser extension. A browser extension is a pre-coded way to change the way web pages act locally.
(Think about ad-blockers as a specific example.)
I'm creating an iPhone Game where I want the user to get a unique numeric code when they first launch the app, that way when a friend of that user opens it, he/she can input that code and both users can get rewarded. I haven't encountered any issues regarding that, however what I want to do is make it to where the app registers the code given to every user and saves it to a website of some sort. That way when the other user enters the code, it will load the data from that website and check if it's registered. How would I manage to save the data onto a website? and also What free website could I use for this without having a character limit on the body page?
-Thanks in advance
Your thinking is correct, in that you need to save your data somewhere online, but you don't really "save data onto a website" in the way that you're describing. "Free Website" services usually serve a different purpose entirely - that of serving up public html pages. Sure, they can take the form of a CMS (like wordpress.com or tumblr accounts), but using that as an interface for storing your application's data is not something they're typically designed to do.
For something like this, where you have a public iPhone app that requires secure access to custom strings, you really want to have control over your own web server (different than a domain name, btw), and interface with a database on that server. This will come at a cost, and will involve more code than you're likely to find someone to write for you on here. Sorry to say it, but hey if someone wants to prove me wrong I'd love to see it.
Because all you need to store & retrieve are random strings (basically referral codes... if I'm understanding correctly), your database needs are pretty simple. If you're not familiar with things like PHP / MySQL, and you don't want to learn, it might be worth reaching out to some server-side developers for help. Unless there's more to it than you describe, you can probably find someone to help you for relatively cheap.
Good luck - and I'm sorry there isn't a simpler answer for ya.
You can send data using NSURLConnection. Just create an NSMutableURLRequest and call its -setHTTPMethod: method with “POST” as the HTTP method. Then, set its body and header fields appropriately, and you can use NSURLConnection to send the data.
I've been asked to create an app that will get data back from a database where the CMS will be Wordpress. I've never used a CMS so I'm trying to get a (overview)picture in my head of how it could all work and what each of the components would be. And what a CMS actually brings to the party.
Creating the app itself is pretty clear. I've done a few already. I've made a database before and shouldnt cause a problem.
But what is going to be in the middle between the app and the database?
Part A:
I'm guessing iphone apps typically would call some php file that's hosted on the server? The php then would make a call to the database and return the data somehow, maybe as xml. But this is really basic and wouldnt require a CMS. Just a database and a phpfile, or am I wrong?
Part B:
If i wanted to run a check on the database every minute to see if any of the data in database was no longer valid and remove it if needed, that would require somekind of program running on the server. So that program would be Wordpress, since it is managing the content, so a content management system is actually needed and is for these kind of taskes. Am i understanding the role of CMS?
Many Thanks,
-Code
Part A: Yes, that's definitely how it would normally work. Of course, you're not accessing "a" database, you're accessing the database WordPress creates, but otherwise, sure.
Part B: The role of a CMS is to provide a structured, easily-edited way of presenting information. It abstracts both the database and the user interface stuff, allowing the CMS administrator to CRUD data via the use of simple forms.
In your case, no, you wouldn't (usually) ask the WordPress software to provide information because it's not set up to provide data that's programmatically requested. Instead it's designed to display HTML pages with the data embedded. The WordPress software is specifically for humans to CRUD the data through a human-friendly interface. You'd write your own, as in Part A.
This article shows some basic PHP for retrieving blog entries and user comments, likely most of what you'd want. The WordPress database format is well-documented: here's an article that lays it out and provides more PHP examples for retrieving the information.
Have a look how the Wordpress for iOS team is doing it:
http://ios.wordpress.org/development/
I would not try to access the db directly or through some custom php-code, but use the official WordPress API (which uses xml-rpc) instead.
and this xml-rpc objective-c library might even make this a pretty straightforward exercise?
I'm trying to clone a commercial Student Management System which was written in Perl. I want to use PHP, as I have no experience in Perl.
I am now trying to set up the login system, which should be (has to be?) done with PHPSESSID's, right? Now, in PHP I could transmit the Session ID via GET, POST, and COOKIE.
The Perl website doesn't add parameters to the URL (GET) and does not save cookies on my computer (COOKIE). There is also no form which could contain a hidden field (which would be POST in PHP, right?)
Can someone tell me how Perl remembers the logged in user there?
Perl takes a much more "toolkit"-based approach to building web applications than PHP does, because Perl was not designed specifically for web work. So it doesn't have any built-in way of doing web app session management; rather, there are many modules on CPAN which implement session management in many different ways.
If you were to identify the Student Management System in question and provide a URL, we might be able to look at it from the outside and identify what it's doing, but, really, I question whether you actually need to use the same session management system as the existing app unless you want to implement single-sign-on between the original version and your clone[1]. Concentrate on cloning the user-visible interface and functionality rather than the implementation details behind it.
[1] ...which would be futile anyhow unless you're also planning to tap into its session database on the back end, since neither one will recognize the other's session ids if they don't share that data.
For the sake of completeness, there are OTHER, non-standard ways to store/transmit session information than the 3 methods you listed (although I seriously doubt any of them are used in your SMS). Among them:
Sending the cookie data as part of the DOM (e.g. in HTML) and having on-page JavaScript access it from DOM
Or, just store the cookied data as JavaScript's data in the first place.
AJAX calls. E.g. the session-enabled logic is all handled in AJAX URLs and not the main URLs. Yes, I know that's completely screwy. But doable.
Don't store the cookie in main cookie database (so you can't find it using standard cookie viewing methods). For details on how that's done, please google "evercookie" for a VERY cool method of persistently storing cookie info by utilizing up to 10 redundant storage options - one good intro is http://blog.depthsecurity.com/2010/09/super-persistent-cookies-evercookie.html
All that said, I completely agree with Dave's answer - just use PHP's best practices mechanism to implement the functionality instead of cloning possibly-perl-specific and possibly-weird implementation in the webapp.