I using GWT and have created a login form. I've tried all sorts of ways to get IE7 to prompt to remember the login info but with no success. I thought that maybe this would have worked (but it didn't):
TextBox submit = new TextBox();
submit.getElement().setAttribute("type", "submit");
Any ideas?
You can simply assign values:
private TextBox mName = new TextBox();
private PasswordTextBox mPassword = new PasswordTextBox();
mName.setText("username");
mPassword.setText("password");
In your case I would store the values in cookies, and read them out on startup.
public static String getLastLoginName()
{
return Cookies.getCookie(LAST_LOGIN_COOKIE);
}
public static void setLastLoginName(String userName)
{
Cookies.setCookie(LAST_LOGIN_COOKIE, userName);
}
I don't know GWT, but you might need to somehow set an attribute on the form tag -
autocomplete="on", which has worked for me on a few occasions.
More info here: http://msdn.microsoft.com/en-us/library/ms533486.aspx
If the password textbox is of type password the bowser should prompt for saving the password...
Make sure the Prompt me to save password in Tools >internet options > content > auto-complete (settings) is checked.
One thing I've been able to do that works is wrapping static elements (elements in the actual HTML page, not ones created via Java).
Both sarego and Drejc hinted at the possible solution:
I'm not sure but you may need a PasswordTextBox to trigger IE's "remember this password" features. Also, IE may be getting confused that the elements are bare and not within a FORM element.
I develop extensively with GWT and we've implemented our own "remember me" feature using cookies, it tends to me more reliable and predictable. And your app can then be in control of removing the remembered password (ie, the corresponding "forget me" feature).
Related
I am attempting to track successful form Submissions using an event in Google Analytics via Google Tag Manager. My current setup successfully tracks when users submit the form. However, the event still fires even when the form submission is invalid and does not submit (ie a user hasn't filled out all of the required fields, clicks the submit button, the form attempts to validate, but comes back to the user with errors instead of submitting). I have the Check Validation feature on my listener checked which theoretically should keep the tag from firing if the form submission is prevented, so it's not the obvious error.
The form in question is created with Sitecore's Web Forms for Marketers. Colleagues of mine have had similar unsolved issues with their WFFM forms.
This particular form is used to gate content so that only users who fill out the form will have access to the content resource. So for example if I go to www.mydomain.com/resource I will be redirected to www.mydomain.com/form where if I fill out all of my information correctly and submit it I will then be redirected to the resource that I was originally attempting to view at www.mydomain.com/resource.
Here's my setup:
Tag 1
Name: Form Submission Listener
Type: Form Submit Listener
Wait For Tags: Checked
Max Wait Time: 2000 milliseconds
Check Validation: Checked
No advanced Settings
Firing Rule: On form pages by URL
Tag 2
Name: Event Form Submission
Type: Universal Analytics
Tracking ID: UA-.....
Enable Display Advertising Features: Checked
Track Type: Event
Category: Form
Action: Submission
Label: {{Form resource URL}}
Non-Interaction Hit: False
No More Settings
No Advanced Settings
Firing Rules: {{event}} equals gtm.formSubmit
Theoretically the Check Validation check box should prevent the tag from firing if the form does not successfully submit, but in the case of this form it does not. The tag fires regardless of whether the form submits or not.
Apologies that I cannot link to the form as it is for a client and behind security.
We were able to find an answer to our question via the Sitecore forums, but I wanted to pass it along for your benefit.
From Sitecore:
The Web Forms module provides the double level validation, 1-client validation, 2-server validation.
By default, the client validation is disable for the Required Field validator. So, when you press Submit, the form posts to the server, and returns with the validation error. It's a possible reason why Google Analytics considers that as a form submit.
Find the following item in the Master database:
/sitecore/system/Modules/Web Forms for Marketers/Settings/System/System Validation/NotEmpty
Find the "Enable Client Script" checkbox and enable it.
Save and publish the item.
Check whether the issue was fixed.
This fixed the issue for all of our text based fields. It did not fix the issue for the one checkbox on the form. I've followed up with sitecore on this, but I figured that I'd update here in the meantime.
With only the checkbox remaining I was also able to use a a macro and add to my original firing rule in google tag manager so that the event would not fire if the checkbox was not checked.
I created a Custom Javascript Macro called Radio Button Checked (not sure it's the best, but it worked), and added a new condition to my original Form Submission Rule: {{Radio Button Checked}} equals true
The macro:
function() {
var radioName = "radioButtonName";
try {
var buttons = document.getElementsByName(radioName);
for (var i = 0;i < buttons.length;i++){
if(buttons[i].checked) {
return true;
}
}
} catch(e) {}
return false;
}
EDIT: Sitecore got back to me about the checkbox issue.
From Sitecore:
Currently the CheckBox field type doesn't have the client-side validation. I registered it as a bug for the WFFM module. I'll let you know as soon as it's fixed.
They let me know also that this isn't something that will be fixed near-term so I need to continue using my GTM workaround for the check box field.
The Google Chrome plugin "Tag Assistant" is super helpful in debugging these sorts of issues. It will show you what (if any) structural or implementation issues exist on a given page that might be preventing your intended tracking behavior (https://chrome.google.com/webstore/detail/tag-assistant-by-google/kejbdjndbnbjgmefkgdddjlbokphdefk?hl=en)
My gut feel is that this issue is not specifically related to WFFM, but may be due to the implementation of the Tag Manager code on the page. I seem to recall having an issue like this when the Tag Manager include code gets dumped inside the auto-generated .NET tag when using WebForms in general. Google's docs (https://developers.google.com/tag-manager/quickstart) say to put it immediately after the opening tag, and I recall that being my issue with tracking form submits.
This is all from memory, so I could be wrong, but it's something else to check.
Good luck!
I am not 100% sure if this is as big an issue has I seem to think it is right now but I think I may of found an issue or at else an hole within the Inspect Element viewer within Chrome.
I was using (I have now changed my settings) hidden ID's to set a number of defaults, one was users levels, another was to make the user active by default.
However when I view these ID's within the inspect Element view and then changed the values, submitting the form would submit the NEW value to the server and not the value I had given it.
For Example:
I had something like the following within my code,
<input type="hidden" name="data[user][level][id]" value="1" id="MyID">
I then changed it within the Inspect view to,
<input type="hidden" name="data[user][level][id]" value="2" id="MyID">
Then I submitted the form and was surprised that the NEW value was submitted, I was always under the inpresion that hidden ID's where not changeable and the browser should only submit the default values held within.
I have now changed this to letting the database default to a basic user and then I can change the users setting has I want to. But in some cases this may not be an option, so I was hoping for an answer or some feedback about how to make this more safe.
Am I just a bit slow, are there better methods (different ones) to passing 'hidden' data from forms to the server?
I was thinking about maybe using JQuery to add the needed hidden fields to the forms once the user had selected / submitted the form, but i am not sure if this is 100% safe or even if its a good idea.
Any ideas / feedback are very welcome.....
Many Thanks,
Glenn.
I had the same problem passing the database data into a modal,the solution i know is to use jquery ajax to get the informations from the database requesting a file,adding them into variables and compare the variables
$.ajax({
url: "test.html",
context: document.body
}).done(function() {
$(this).addClass("done");
});
I used this code sample to do it.
Of course there are a few modifications to be done depending on your script
I found a better way of doing this, at lest in CakePHP. The CakePHP framework has inbuilt security calls. These in-built functions when added give you all sorts of stuff but the main reason I used them was to stop this sort of form tampering.
I am not 100% sure how it does this, but it adds a token to all forms and it checks to see if the form being submitted is right? Again not sure how the token works.
But here is the code I used ::
public function beforeFilter() {
$this->Auth->allow('index', 'SystemAccess');
$this->Security->blackHoleCallback = 'blackhole';
}
public function blackhole($type) {
$this->Auth->logout();
$this->Session->setFlash('Sorry a security issue has been detected, please try again or contact us for support.', 'default', array(), 'bad');
$this->redirect($this->Auth->redirect('/'));
}
Now I will add that the call the Auth logout I added to this for extra added security, as the user maybe have logged in on a system and it just not be them that is trying to do things that they should not.
Hope that helps others out!
But this is only a fix for when CakePHP is in use. I would take it that other frameworks would have their options but if your only using basic HTML? or a CMS like Drupal again there might be in built security.
Many Thanks
Glenn.
The only safe and best solution that I found for this issue is to check on the server side whether the user_id sent with the form is the same user_id logged in with or not.
Although using jquery is good idea, but, did not work with my case as am using data: $(this).serialize(),
However here's my code on the server side (Note, am using Laravel 5.4, but am sure it won't matter with your case)
if ($request->user_id != Auth::user()->id)
return json_encode("F**K YOU ! Don't Play Smart -_- !");
else
raw_material_category::create($request->all());
Hope this helped ;)
I've got GWT module where I do some stuff and I have search results - doesn't matter in which form. Now after searching, and clicking on for example "Export to HTML" button,I would like to create new html page (for example from client side code by creating simple string which contains only listed results of searching list of results ) and open it in new browser window. I know that there is Window.open(...) method, but there I must specify url which i don't have. I want to create this new html page by client side - without server inference (I don't want to create some resource on server side and then paste url to this resource to client side). Is there any possibility to achieve this? If there is no option, other method which would satisfy me, is to open standard dialog box for saving, which will allow to save results in a html file.
Thanks for helps.
Kind regards.
Here's the code I use to print:
native void openPrintWindow(String contents) /*-{
var printWindow = window.open("", "PrintWin");
if (printWindow && printWindow.top) {
printWindow.document.write(contents);
printWindow.print();
printWindow.close();
} else {
alert("The print feature works by opening a popup window, but our popup window was blocked by your browser. If you can disable the blocker temporarily, you'll be able to print here. Sorry!");
}
}-*/;
Seems like you could adapt it for your purposes with some simple rewording and by removing the call to print()! The contents variable just holds flat HTML. There are no trips to the server.
openPrintWindow("<h1>Search Results</h1><ol><li>etc...");
The method of opening new window from client js which allows user to save that generated content from browser's save as menu is data:url scheme, content written to opened page via println usualy not saved. But data:url works only in morden browsers. And the content written should be quite small to fit browser's url length resteiction.
See example from this article http://en.wikipedia.org/wiki/Data_URI_scheme#JavaScript
I keep having an issue with users double-clicking on action buttons on my web application, which is meaning duplicate records are being added into my database, and sometimes the user is being charged twice (as the action is being ran twice).
What is the best way of preventing double clicking in ASP.NET?
I see you're concerned about this in the face of users without javascript enabled. If that's the case, you need to deal with it on the server side. One idea to deal with this would be to implement CSRF tokens throughout your app.
This basically keeps a token in the server side session, and also requires the token to be submitted in the request. Provided youreset this token in the session in a timely manner (and assuming that you're using usual ASP.Net mechanisms to serialize access to the session), the second request will be using an out of date token, and can be ignored.
I think the best solution would be to disable button after clicking using Javascript. Try adding onclick function to it:
<input type="submit" onclick="disable_button(this);" />
<script type="text/javascript>
function disable_button(sender){
sender.disabled = true;
}
</script>
It can also be done using server-side code using server controls. Paste this into your pre-render or page_load event:
yourButton.Attributes.Add("onclick", " this.disabled = true; "+ ClientScript.GetPostBackEventReference(Button1,null)+";");
This will basically disable the Button when ever u click it and then calls the server side code as if the button has been clicked.
Have you tried adding a little JavaScript to the submit button?
e.g.
<input type="button" onClick="formSubmit.disabled=true;">
This way the button is disabled right after the first click and won't take the second click ...
I solved this problem by using a session variable without enabling or disabling the button.
In the Page_Load add :
Session["clicked01"] = "0";
in the btnSave_Click :
if (Session["clicked01"] == "1")
{
return;
}
/// save the record
Session["clicked01"] == "1"
Can i change url(set parameter) without submit?
I found this method
http://google-web-toolkit.googlecode.com/svn/javadoc/2.1/com/google/gwt/user/client/Window.Location.html#replace%28java.lang.String%29
but it submit page. All GWT state will be lost.
If you want to change something that is not in the hash, for example you want to change a parameter in the URL, you can do it like this!
private void someMethod() {
String newURL = Window.Location.createUrlBuilder().setParameter("someParam", "someValue").buildString();
updateURLWithoutReloading(newURL);
}
private static native void updateURLWithoutReloading(String newUrl) /*-{
$wnd.history.pushState(newUrl, "", newUrl);
}-*/;
Then you could register a function that handles the user using the back and forward browser buttons as demonstrated here.
Why are you trying to do this? Generally speaking, GWT apps don't change pages - thus they are normally SPAs (single page applications)
When you load a new page from a server, you will lose the state on that page. You can change the hash part of the URL as that won't return to the server, like this:
String newURL = Window.Location.createUrlBuilder().setHash("newhash").buildString();
Window.Location.replace(newURL);
However, if you're going to do this, I would recommend taking a look at GWT's MVP framework, which has built in support for managing locations using hash tokens.
http://code.google.com/webtoolkit/doc/latest/DevGuideMvpActivitiesAndPlaces.html
$wnd.history.pushState(newUrl, "", newUrl);
Works nicely in HTML5-browsers. Not in IE8 or IE9!