Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Javascript > hiding stuff

Reply
Thread Tools

hiding stuff

 
 
Jake G
Guest
Posts: n/a
 
      11-09-2006
Does anyone know how I can access a variable if I set its value inside
<%@ language="javascript" %>
<%
var whatever = 1234
%>
Then later I want to check that variables value to make sure a user can
proceed.

I tried writing it out to a hidden field, but the value still appears
in the source. So either I want to make it not show up in the source,
or be able to access it later would both be acceptable solutions.


Help?!?!??!

 
Reply With Quote
 
 
 
 
Evertjan.
Guest
Posts: n/a
 
      11-09-2006
Jake G wrote on 09 nov 2006 in comp.lang.javascript:

> Does anyone know how I can access a variable if I set its value inside
> <%@ language="javascript" %>
> <% var whatever = 1234 %>


That is serverside code on an ASP platform,
the variable value is not sent to the client browser.

> Then later I want to check that variables value to make sure a user can
> proceed.


You can only do that clientside, or you have to send it to the client in
the HTML like this:

<% = whatever %>

> I tried writing it out to a hidden field, but the value still appears
> in the source. So either I want to make it not show up in the source,
> or be able to access it later would both be acceptable solutions.


Impossible, unless you use AJAX to fetch it later from the server, where
you should have put it in a session variable or a database field.

Even then, if you want to compare a value clientside, you will have to send
it to the client.

However you clould send the to be tested value to the server from
clientside to be tested there and the result could be returned to the
client by AJAX like techniques.

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
 
Reply With Quote
 
 
 
 
Ruso
Guest
Posts: n/a
 
      11-09-2006
I've seen this done using checksums (md5), but I dont have a minor idea
how to make a code.

This is an example of how it done:

<script language="JavaScript" type="text/JavaScript">
var answ_md5;
answ_md5 = '4136340c50a1f8b2286c0482cf3912f8'; //IMHO FAKE checksum
answ_md5 = 'c81e728d9d4c2f636f067f89cc14862c'; //IMHO
REAL checksum
function CheckAnswer() {
var answer;
answer = document.getElementById('answer');
if (hex_md5(answer.value) == answ_md5) {
return true;
} else {
document.getElementById('attempts').value++;
document.getElementById('error').innerHTML = 'Ключ "'+
answer.value +'" не подошел. Взлом неудачен.';
answer.value = '';
answer.focus();
return false;
}
}
</script>


What can you do, it make a separate *.js file and make an include
statemnet in ur page. So the javascript part wont appear in the source
code of ur document, but the link to the js file will. So anyone would
be able to download it and read the code.


Evertjan. wrote:
> Jake G wrote on 09 nov 2006 in comp.lang.javascript:
>
> > Does anyone know how I can access a variable if I set its value inside
> > <%@ language="javascript" %>
> > <% var whatever = 1234 %>

>
> That is serverside code on an ASP platform,
> the variable value is not sent to the client browser.
>
> > Then later I want to check that variables value to make sure a user can
> > proceed.

>
> You can only do that clientside, or you have to send it to the client in
> the HTML like this:
>
> <% = whatever %>
>
> > I tried writing it out to a hidden field, but the value still appears
> > in the source. So either I want to make it not show up in the source,
> > or be able to access it later would both be acceptable solutions.

>
> Impossible, unless you use AJAX to fetch it later from the server, where
> you should have put it in a session variable or a database field.
>
> Even then, if you want to compare a value clientside, you will have to send
> it to the client.
>
> However you clould send the to be tested value to the server from
> clientside to be tested there and the result could be returned to the
> client by AJAX like techniques.
>
> --
> Evertjan.
> The Netherlands.
> (Please change the x'es to dots in my emailaddress)


 
Reply With Quote
 
Evertjan.
Guest
Posts: n/a
 
      11-09-2006
Ruso wrote on 09 nov 2006 in comp.lang.javascript:

> Evertjan. wrote:


>>
>> However you clould send the to be tested value to the server from
>> clientside to be tested there and the result could be returned to the
>> client by AJAX like techniques.


[Please do not toppost on usenet]

> I've seen this done using checksums (md5), but I dont have a minor
> idea how to make a code.
>
> This is an example of how it done:
>
> <script language="JavaScript" type="text/JavaScript">


do not use language="JavaScript"

> var answ_md5;
> answ_md5 = '4136340c50a1f8b2286c0482cf3912f8';
> //IMHO FAKE checksum


> answ_md5 = 'c81e728d9d4c2f636f067f89cc14862c';
> //IMHO
> REAL checksum


REAL ??? In Javascript ??? Are you confusing languages?

> function CheckAnswer() {
> var answer;
> answer = document.getElementById('answer');


var answer = document.getElementById('answer');

> if (hex_md5(answer.value) == answ_md5) {


What is that function hex_md5() ???????????

> return true;
> } else {
> document.getElementById('attempts').value++;
> document.getElementById('error').innerHTML = 'Ключ "'+
> answer.value +'" не подошел. Взлом неудачен.';


Does not ring a bell here

> answer.value = '';
> answer.focus();
> return false;
> }
>}
> </script>


Could you explain what you are trying to accomplish here?
Is this your own code?


> What can you do, it make a separate *.js file and make an include
> statemnet in ur page. So the javascript part wont appear in the source
> code of ur document, but the link to the js file will. So anyone would
> be able to download it and read the code.


Let us first concentrate on what you want to do?

As I said earlier, clientside comparison needs to divulge the comparator
string, unless perhaps you use a one way trapdoor function.

Anyway even then the boolean result can easily be manipulated.

"Smart programmers do it serverside!"

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
 
Reply With Quote
 
Ruso
Guest
Posts: n/a
 
      11-09-2006
Evertjan, as I said I dont know hoe to do it, so I think its clear that
it is not my own code.

I just saw this in one on-line "game" like u have a question u type an
answer and the next question/page appears if answer is coorect.

So here is the link to it, and the js function is on the source page of
each page with question.
http://hacker.sax777.com/

So you can check it urself.

Evertjan. wrote:
> Ruso wrote on 09 nov 2006 in comp.lang.javascript:
>
> > Evertjan. wrote:

>
> >>
> >> However you clould send the to be tested value to the server from
> >> clientside to be tested there and the result could be returned to the
> >> client by AJAX like techniques.

>
> [Please do not toppost on usenet]
>
> > I've seen this done using checksums (md5), but I dont have a minor
> > idea how to make a code.
> >
> > This is an example of how it done:
> >
> > <script language="JavaScript" type="text/JavaScript">

>
> do not use language="JavaScript"
>
> > var answ_md5;
> > answ_md5 = '4136340c50a1f8b2286c0482cf3912f8';
> > //IMHO FAKE checksum

>
> > answ_md5 = 'c81e728d9d4c2f636f067f89cc14862c';
> > //IMHO
> > REAL checksum

>
> REAL ??? In Javascript ??? Are you confusing languages?
>
> > function CheckAnswer() {
> > var answer;
> > answer = document.getElementById('answer');

>
> var answer = document.getElementById('answer');
>
> > if (hex_md5(answer.value) == answ_md5) {

>
> What is that function hex_md5() ???????????
>
> > return true;
> > } else {
> > document.getElementById('attempts').value++;
> > document.getElementById('error').innerHTML = 'Ключ "'+
> > answer.value +'" не подошел. Взлом неудачен.';

>
> Does not ring a bell here
>
> > answer.value = '';
> > answer.focus();
> > return false;
> > }
> >}
> > </script>

>
> Could you explain what you are trying to accomplish here?
> Is this your own code?
>
>
> > What can you do, it make a separate *.js file and make an include
> > statemnet in ur page. So the javascript part wont appear in the source
> > code of ur document, but the link to the js file will. So anyone would
> > be able to download it and read the code.

>
> Let us first concentrate on what you want to do?
>
> As I said earlier, clientside comparison needs to divulge the comparator
> string, unless perhaps you use a one way trapdoor function.
>
> Anyway even then the boolean result can easily be manipulated.
>
> "Smart programmers do it serverside!"
>
> --
> Evertjan.
> The Netherlands.
> (Please change the x'es to dots in my emailaddress)


 
Reply With Quote
 
Ruso
Guest
Posts: n/a
 
      11-09-2006
And btw here is the function md5()
http://hacker.sax777.com/md5.js


Ruso wrote:
> Evertjan, as I said I dont know hoe to do it, so I think its clear that
> it is not my own code.
>
> I just saw this in one on-line "game" like u have a question u type an
> answer and the next question/page appears if answer is coorect.
>
> So here is the link to it, and the js function is on the source page of
> each page with question.
> http://hacker.sax777.com/
>
> So you can check it urself.
>
> Evertjan. wrote:
> > Ruso wrote on 09 nov 2006 in comp.lang.javascript:
> >
> > > Evertjan. wrote:

> >
> > >>
> > >> However you clould send the to be tested value to the server from
> > >> clientside to be tested there and the result could be returned to the
> > >> client by AJAX like techniques.

> >
> > [Please do not toppost on usenet]
> >
> > > I've seen this done using checksums (md5), but I dont have a minor
> > > idea how to make a code.
> > >
> > > This is an example of how it done:
> > >
> > > <script language="JavaScript" type="text/JavaScript">

> >
> > do not use language="JavaScript"
> >
> > > var answ_md5;
> > > answ_md5 = '4136340c50a1f8b2286c0482cf3912f8';
> > > //IMHO FAKE checksum

> >
> > > answ_md5 = 'c81e728d9d4c2f636f067f89cc14862c';
> > > //IMHO
> > > REAL checksum

> >
> > REAL ??? In Javascript ??? Are you confusing languages?
> >
> > > function CheckAnswer() {
> > > var answer;
> > > answer = document.getElementById('answer');

> >
> > var answer = document.getElementById('answer');
> >
> > > if (hex_md5(answer.value) == answ_md5) {

> >
> > What is that function hex_md5() ???????????
> >
> > > return true;
> > > } else {
> > > document.getElementById('attempts').value++;
> > > document.getElementById('error').innerHTML = 'Ключ "'+
> > > answer.value +'" не подошел. Взлом неудачен.';

> >
> > Does not ring a bell here
> >
> > > answer.value = '';
> > > answer.focus();
> > > return false;
> > > }
> > >}
> > > </script>

> >
> > Could you explain what you are trying to accomplish here?
> > Is this your own code?
> >
> >
> > > What can you do, it make a separate *.js file and make an include
> > > statemnet in ur page. So the javascript part wont appear in the source
> > > code of ur document, but the link to the js file will. So anyone would
> > > be able to download it and read the code.

> >
> > Let us first concentrate on what you want to do?
> >
> > As I said earlier, clientside comparison needs to divulge the comparator
> > string, unless perhaps you use a one way trapdoor function.
> >
> > Anyway even then the boolean result can easily be manipulated.
> >
> > "Smart programmers do it serverside!"
> >
> > --
> > Evertjan.
> > The Netherlands.
> > (Please change the x'es to dots in my emailaddress)


 
Reply With Quote
 
Evertjan.
Guest
Posts: n/a
 
      11-09-2006
Ruso wrote on 09 nov 2006 in comp.lang.javascript:

> Evertjan, as I said I dont know hoe to do it, so I think its clear that
> it is not my own code.


[Please do not toppost on usenet]

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
 
Reply With Quote
 
Ruso
Guest
Posts: n/a
 
      11-09-2006
Can you explain me what does toppost mean??

Thank you.


Evertjan. wrote:
> Ruso wrote on 09 nov 2006 in comp.lang.javascript:
>
> > Evertjan, as I said I dont know hoe to do it, so I think its clear that
> > it is not my own code.

>
> [Please do not toppost on usenet]
>
> --
> Evertjan.
> The Netherlands.
> (Please change the x'es to dots in my emailaddress)


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Script for Hiding/Un-Hiding Text On Click Ste Javascript 41 08-01-2007 02:35 PM
Hiding the public members of a class without modifying the CLASS Brahmam ASP .Net 3 01-11-2006 12:00 AM
Firefox 1.0 open but hiding Liora Firefox 5 10-12-2005 04:23 AM
Py2exe... & hiding propritary stuff in the exe Will Python 3 02-18-2004 05:16 PM
Hiding of subprogram designators David Jones VHDL 1 11-18-2003 09:37 AM



Advertisments