hiding stuff

Discussion in 'Javascript' started by Jake G, Nov 9, 2006.

  1. Jake G

    Jake G Guest

    Does anyone know how I can access a variable if I set its value inside
    <%@ language="javascript" %>
    <%
    var whatever = 1234
    %>
    Then later I want to check that variables value to make sure a user can
    proceed.

    I tried writing it out to a hidden field, but the value still appears
    in the source. So either I want to make it not show up in the source,
    or be able to access it later would both be acceptable solutions.


    Help?!?!??!
    Jake G, Nov 9, 2006
    #1
    1. Advertising

  2. Jake G

    Evertjan. Guest

    Jake G wrote on 09 nov 2006 in comp.lang.javascript:

    > Does anyone know how I can access a variable if I set its value inside
    > <%@ language="javascript" %>
    > <% var whatever = 1234 %>


    That is serverside code on an ASP platform,
    the variable value is not sent to the client browser.

    > Then later I want to check that variables value to make sure a user can
    > proceed.


    You can only do that clientside, or you have to send it to the client in
    the HTML like this:

    <% = whatever %>

    > I tried writing it out to a hidden field, but the value still appears
    > in the source. So either I want to make it not show up in the source,
    > or be able to access it later would both be acceptable solutions.


    Impossible, unless you use AJAX to fetch it later from the server, where
    you should have put it in a session variable or a database field.

    Even then, if you want to compare a value clientside, you will have to send
    it to the client.

    However you clould send the to be tested value to the server from
    clientside to be tested there and the result could be returned to the
    client by AJAX like techniques.

    --
    Evertjan.
    The Netherlands.
    (Please change the x'es to dots in my emailaddress)
    Evertjan., Nov 9, 2006
    #2
    1. Advertising

  3. Jake G

    Ruso Guest

    I've seen this done using checksums (md5), but I dont have a minor idea
    how to make a code.

    This is an example of how it done:

    <script language="JavaScript" type="text/JavaScript">
    var answ_md5;
    answ_md5 = '4136340c50a1f8b2286c0482cf3912f8'; //IMHO FAKE checksum
    answ_md5 = 'c81e728d9d4c2f636f067f89cc14862c'; //IMHO
    REAL checksum
    function CheckAnswer() {
    var answer;
    answer = document.getElementById('answer');
    if (hex_md5(answer.value) == answ_md5) {
    return true;
    } else {
    document.getElementById('attempts').value++;
    document.getElementById('error').innerHTML = 'Ключ "'+
    answer.value +'" не подошел. Взлом неудачен.';
    answer.value = '';
    answer.focus();
    return false;
    }
    }
    </script>


    What can you do, it make a separate *.js file and make an include
    statemnet in ur page. So the javascript part wont appear in the source
    code of ur document, but the link to the js file will. So anyone would
    be able to download it and read the code.


    Evertjan. wrote:
    > Jake G wrote on 09 nov 2006 in comp.lang.javascript:
    >
    > > Does anyone know how I can access a variable if I set its value inside
    > > <%@ language="javascript" %>
    > > <% var whatever = 1234 %>

    >
    > That is serverside code on an ASP platform,
    > the variable value is not sent to the client browser.
    >
    > > Then later I want to check that variables value to make sure a user can
    > > proceed.

    >
    > You can only do that clientside, or you have to send it to the client in
    > the HTML like this:
    >
    > <% = whatever %>
    >
    > > I tried writing it out to a hidden field, but the value still appears
    > > in the source. So either I want to make it not show up in the source,
    > > or be able to access it later would both be acceptable solutions.

    >
    > Impossible, unless you use AJAX to fetch it later from the server, where
    > you should have put it in a session variable or a database field.
    >
    > Even then, if you want to compare a value clientside, you will have to send
    > it to the client.
    >
    > However you clould send the to be tested value to the server from
    > clientside to be tested there and the result could be returned to the
    > client by AJAX like techniques.
    >
    > --
    > Evertjan.
    > The Netherlands.
    > (Please change the x'es to dots in my emailaddress)
    Ruso, Nov 9, 2006
    #3
  4. Jake G

    Evertjan. Guest

    Ruso wrote on 09 nov 2006 in comp.lang.javascript:

    > Evertjan. wrote:


    >>
    >> However you clould send the to be tested value to the server from
    >> clientside to be tested there and the result could be returned to the
    >> client by AJAX like techniques.


    [Please do not toppost on usenet]

    > I've seen this done using checksums (md5), but I dont have a minor
    > idea how to make a code.
    >
    > This is an example of how it done:
    >
    > <script language="JavaScript" type="text/JavaScript">


    do not use language="JavaScript"

    > var answ_md5;
    > answ_md5 = '4136340c50a1f8b2286c0482cf3912f8';
    > //IMHO FAKE checksum


    > answ_md5 = 'c81e728d9d4c2f636f067f89cc14862c';
    > //IMHO
    > REAL checksum


    REAL ??? In Javascript ??? Are you confusing languages?

    > function CheckAnswer() {
    > var answer;
    > answer = document.getElementById('answer');


    var answer = document.getElementById('answer');

    > if (hex_md5(answer.value) == answ_md5) {


    What is that function hex_md5() ???????????

    > return true;
    > } else {
    > document.getElementById('attempts').value++;
    > document.getElementById('error').innerHTML = 'Ключ "'+
    > answer.value +'" не подошел. Взлом неудачен.';


    Does not ring a bell here ;-)

    > answer.value = '';
    > answer.focus();
    > return false;
    > }
    >}
    > </script>


    Could you explain what you are trying to accomplish here?
    Is this your own code?


    > What can you do, it make a separate *.js file and make an include
    > statemnet in ur page. So the javascript part wont appear in the source
    > code of ur document, but the link to the js file will. So anyone would
    > be able to download it and read the code.


    Let us first concentrate on what you want to do?

    As I said earlier, clientside comparison needs to divulge the comparator
    string, unless perhaps you use a one way trapdoor function.

    Anyway even then the boolean result can easily be manipulated.

    "Smart programmers do it serverside!"

    --
    Evertjan.
    The Netherlands.
    (Please change the x'es to dots in my emailaddress)
    Evertjan., Nov 9, 2006
    #4
  5. Jake G

    Ruso Guest

    Evertjan, as I said I dont know hoe to do it, so I think its clear that
    it is not my own code. :)

    I just saw this in one on-line "game" like u have a question u type an
    answer and the next question/page appears if answer is coorect.

    So here is the link to it, and the js function is on the source page of
    each page with question.
    http://hacker.sax777.com/

    So you can check it urself.

    Evertjan. wrote:
    > Ruso wrote on 09 nov 2006 in comp.lang.javascript:
    >
    > > Evertjan. wrote:

    >
    > >>
    > >> However you clould send the to be tested value to the server from
    > >> clientside to be tested there and the result could be returned to the
    > >> client by AJAX like techniques.

    >
    > [Please do not toppost on usenet]
    >
    > > I've seen this done using checksums (md5), but I dont have a minor
    > > idea how to make a code.
    > >
    > > This is an example of how it done:
    > >
    > > <script language="JavaScript" type="text/JavaScript">

    >
    > do not use language="JavaScript"
    >
    > > var answ_md5;
    > > answ_md5 = '4136340c50a1f8b2286c0482cf3912f8';
    > > //IMHO FAKE checksum

    >
    > > answ_md5 = 'c81e728d9d4c2f636f067f89cc14862c';
    > > //IMHO
    > > REAL checksum

    >
    > REAL ??? In Javascript ??? Are you confusing languages?
    >
    > > function CheckAnswer() {
    > > var answer;
    > > answer = document.getElementById('answer');

    >
    > var answer = document.getElementById('answer');
    >
    > > if (hex_md5(answer.value) == answ_md5) {

    >
    > What is that function hex_md5() ???????????
    >
    > > return true;
    > > } else {
    > > document.getElementById('attempts').value++;
    > > document.getElementById('error').innerHTML = 'Ключ "'+
    > > answer.value +'" не подошел. Взлом неудачен.';

    >
    > Does not ring a bell here ;-)
    >
    > > answer.value = '';
    > > answer.focus();
    > > return false;
    > > }
    > >}
    > > </script>

    >
    > Could you explain what you are trying to accomplish here?
    > Is this your own code?
    >
    >
    > > What can you do, it make a separate *.js file and make an include
    > > statemnet in ur page. So the javascript part wont appear in the source
    > > code of ur document, but the link to the js file will. So anyone would
    > > be able to download it and read the code.

    >
    > Let us first concentrate on what you want to do?
    >
    > As I said earlier, clientside comparison needs to divulge the comparator
    > string, unless perhaps you use a one way trapdoor function.
    >
    > Anyway even then the boolean result can easily be manipulated.
    >
    > "Smart programmers do it serverside!"
    >
    > --
    > Evertjan.
    > The Netherlands.
    > (Please change the x'es to dots in my emailaddress)
    Ruso, Nov 9, 2006
    #5
  6. Jake G

    Ruso Guest

    And btw here is the function md5()
    http://hacker.sax777.com/md5.js


    Ruso wrote:
    > Evertjan, as I said I dont know hoe to do it, so I think its clear that
    > it is not my own code. :)
    >
    > I just saw this in one on-line "game" like u have a question u type an
    > answer and the next question/page appears if answer is coorect.
    >
    > So here is the link to it, and the js function is on the source page of
    > each page with question.
    > http://hacker.sax777.com/
    >
    > So you can check it urself.
    >
    > Evertjan. wrote:
    > > Ruso wrote on 09 nov 2006 in comp.lang.javascript:
    > >
    > > > Evertjan. wrote:

    > >
    > > >>
    > > >> However you clould send the to be tested value to the server from
    > > >> clientside to be tested there and the result could be returned to the
    > > >> client by AJAX like techniques.

    > >
    > > [Please do not toppost on usenet]
    > >
    > > > I've seen this done using checksums (md5), but I dont have a minor
    > > > idea how to make a code.
    > > >
    > > > This is an example of how it done:
    > > >
    > > > <script language="JavaScript" type="text/JavaScript">

    > >
    > > do not use language="JavaScript"
    > >
    > > > var answ_md5;
    > > > answ_md5 = '4136340c50a1f8b2286c0482cf3912f8';
    > > > //IMHO FAKE checksum

    > >
    > > > answ_md5 = 'c81e728d9d4c2f636f067f89cc14862c';
    > > > //IMHO
    > > > REAL checksum

    > >
    > > REAL ??? In Javascript ??? Are you confusing languages?
    > >
    > > > function CheckAnswer() {
    > > > var answer;
    > > > answer = document.getElementById('answer');

    > >
    > > var answer = document.getElementById('answer');
    > >
    > > > if (hex_md5(answer.value) == answ_md5) {

    > >
    > > What is that function hex_md5() ???????????
    > >
    > > > return true;
    > > > } else {
    > > > document.getElementById('attempts').value++;
    > > > document.getElementById('error').innerHTML = 'Ключ "'+
    > > > answer.value +'" не подошел. Взлом неудачен.';

    > >
    > > Does not ring a bell here ;-)
    > >
    > > > answer.value = '';
    > > > answer.focus();
    > > > return false;
    > > > }
    > > >}
    > > > </script>

    > >
    > > Could you explain what you are trying to accomplish here?
    > > Is this your own code?
    > >
    > >
    > > > What can you do, it make a separate *.js file and make an include
    > > > statemnet in ur page. So the javascript part wont appear in the source
    > > > code of ur document, but the link to the js file will. So anyone would
    > > > be able to download it and read the code.

    > >
    > > Let us first concentrate on what you want to do?
    > >
    > > As I said earlier, clientside comparison needs to divulge the comparator
    > > string, unless perhaps you use a one way trapdoor function.
    > >
    > > Anyway even then the boolean result can easily be manipulated.
    > >
    > > "Smart programmers do it serverside!"
    > >
    > > --
    > > Evertjan.
    > > The Netherlands.
    > > (Please change the x'es to dots in my emailaddress)
    Ruso, Nov 9, 2006
    #6
  7. Jake G

    Evertjan. Guest

    Ruso wrote on 09 nov 2006 in comp.lang.javascript:

    > Evertjan, as I said I dont know hoe to do it, so I think its clear that
    > it is not my own code. :)


    [Please do not toppost on usenet]

    --
    Evertjan.
    The Netherlands.
    (Please change the x'es to dots in my emailaddress)
    Evertjan., Nov 9, 2006
    #7
  8. Jake G

    Ruso Guest

    Can you explain me what does toppost mean??

    Thank you.


    Evertjan. wrote:
    > Ruso wrote on 09 nov 2006 in comp.lang.javascript:
    >
    > > Evertjan, as I said I dont know hoe to do it, so I think its clear that
    > > it is not my own code. :)

    >
    > [Please do not toppost on usenet]
    >
    > --
    > Evertjan.
    > The Netherlands.
    > (Please change the x'es to dots in my emailaddress)
    Ruso, Nov 9, 2006
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. ALuPin
    Replies:
    4
    Views:
    837
    Nachiket Kapre
    Jul 13, 2004
  2. Tom  Verbeure

    Re: Programable Logic & Video stuff

    Tom Verbeure, Jul 12, 2004, in forum: VHDL
    Replies:
    1
    Views:
    471
    john jakson
    Jul 13, 2004
  3. WildHare

    Curious Session Stuff

    WildHare, Jul 16, 2003, in forum: ASP .Net
    Replies:
    0
    Views:
    338
    WildHare
    Jul 16, 2003
  4. Will
    Replies:
    3
    Views:
    340
  5. Ste
    Replies:
    41
    Views:
    808
    Thomas 'PointedEars' Lahn
    Aug 1, 2007
Loading...

Share This Page