hiding stuff

[Jake G]

Does anyone know how I can access a variable if I set its value inside
<%@ language="javascript" %>
<%
var whatever = 1234
%>
Then later I want to check that variables value to make sure a user can
proceed.

I tried writing it out to a hidden field, but the value still appears
in the source. So either I want to make it not show up in the source,
or be able to access it later would both be acceptable solutions.


Help?!?!??!

 

[Evertjan.]

Jake G wrote on 09 nov 2006 in comp.lang.javascript:

Does anyone know how I can access a variable if I set its value inside
<%@ language="javascript" %>
<% var whatever = 1234 %>

That is serverside code on an ASP platform,
the variable value is not sent to the client browser.

Then later I want to check that variables value to make sure a user can
proceed.

You can only do that clientside, or you have to send it to the client in
the HTML like this:

I tried writing it out to a hidden field, but the value still appears
in the source. So either I want to make it not show up in the source,
or be able to access it later would both be acceptable solutions.

Impossible, unless you use AJAX to fetch it later from the server, where
you should have put it in a session variable or a database field.

Even then, if you want to compare a value clientside, you will have to send
it to the client.

However you clould send the to be tested value to the server from
clientside to be tested there and the result could be returned to the
client by AJAX like techniques.

 

[Ruso]

I've seen this done using checksums (md5), but I dont have a minor idea
how to make a code.

This is an example of how it done:

<script language="JavaScript" type="text/JavaScript">
var answ_md5;
answ_md5 = '4136340c50a1f8b2286c0482cf3912f8'; //IMHO FAKE checksum
answ_md5 = 'c81e728d9d4c2f636f067f89cc14862c'; //IMHO
REAL checksum
function CheckAnswer() {
var answer;
answer = document.getElementById('answer');
if (hex_md5(answer.value) == answ_md5) {
return true;
} else {
document.getElementById('attempts').value++;
document.getElementById('error').innerHTML = 'Ключ "'+
answer.value +'" не подошел. Взлом неудачен.';
answer.value = '';
answer.focus();
return false;
}
}
</script>


What can you do, it make a separate *.js file and make an include
statemnet in ur page. So the javascript part wont appear in the source
code of ur document, but the link to the js file will. So anyone would
be able to download it and read the code.

 

[Evertjan.]

Ruso wrote on 09 nov 2006 in comp.lang.javascript:

Evertjan. wrote:

[Please do not toppost on usenet]

I've seen this done using checksums (md5), but I dont have a minor
idea how to make a code.

This is an example of how it done:

<script language="JavaScript" type="text/JavaScript">

do not use language="JavaScript"

var answ_md5;
answ_md5 = '4136340c50a1f8b2286c0482cf3912f8';
//IMHO FAKE checksum

answ_md5 = 'c81e728d9d4c2f636f067f89cc14862c';
//IMHO
REAL checksum

REAL ??? In Javascript ??? Are you confusing languages?

function CheckAnswer() {
var answer;
answer = document.getElementById('answer');

var answer = document.getElementById('answer');

if (hex_md5(answer.value) == answ_md5) {

What is that function hex_md5() ???????????

return true;
} else {
document.getElementById('attempts').value++;
document.getElementById('error').innerHTML = 'Ключ "'+
answer.value +'" не подошел. Взлом неудачен.';

Does not ring a bell here ;-)

answer.value = '';
answer.focus();
return false;
}
}
</script>

Could you explain what you are trying to accomplish here?
Is this your own code?

What can you do, it make a separate *.js file and make an include
statemnet in ur page. So the javascript part wont appear in the source
code of ur document, but the link to the js file will. So anyone would
be able to download it and read the code.

Let us first concentrate on what you want to do?

As I said earlier, clientside comparison needs to divulge the comparator
string, unless perhaps you use a one way trapdoor function.

Anyway even then the boolean result can easily be manipulated.

"Smart programmers do it serverside!"

 

[Ruso]

Evertjan, as I said I dont know hoe to do it, so I think its clear that
it is not my own code.

I just saw this in one on-line "game" like u have a question u type an
answer and the next question/page appears if answer is coorect.

So here is the link to it, and the js function is on the source page of
each page with question.
http://hacker.sax777.com/

So you can check it urself.

Ruso wrote on 09 nov 2006 in comp.lang.javascript:

Evertjan. wrote:

[Please do not toppost on usenet]

I've seen this done using checksums (md5), but I dont have a minor
idea how to make a code.

This is an example of how it done:

<script language="JavaScript" type="text/JavaScript">

do not use language="JavaScript"

var answ_md5;
answ_md5 = '4136340c50a1f8b2286c0482cf3912f8';
//IMHO FAKE checksum

answ_md5 = 'c81e728d9d4c2f636f067f89cc14862c';
//IMHO
REAL checksum

REAL ??? In Javascript ??? Are you confusing languages?

function CheckAnswer() {
var answer;
answer = document.getElementById('answer');

var answer = document.getElementById('answer');

if (hex_md5(answer.value) == answ_md5) {

What is that function hex_md5() ???????????

return true;
} else {
document.getElementById('attempts').value++;
document.getElementById('error').innerHTML = 'Ключ "'+
answer.value +'" не подошел. Взлом неудачен.';

Does not ring a bell here ;-)

answer.value = '';
answer.focus();
return false;
}
}
</script>

Could you explain what you are trying to accomplish here?
Is this your own code?

What can you do, it make a separate *.js file and make an include
statemnet in ur page. So the javascript part wont appear in the source
code of ur document, but the link to the js file will. So anyone would
be able to download it and read the code.

Let us first concentrate on what you want to do?

As I said earlier, clientside comparison needs to divulge the comparator
string, unless perhaps you use a one way trapdoor function.

Anyway even then the boolean result can easily be manipulated.

"Smart programmers do it serverside!"

 

[Ruso]

And btw here is the function md5()
http://hacker.sax777.com/md5.js

Evertjan, as I said I dont know hoe to do it, so I think its clear that
it is not my own code.

I just saw this in one on-line "game" like u have a question u type an
answer and the next question/page appears if answer is coorect.

So here is the link to it, and the js function is on the source page of
each page with question.
http://hacker.sax777.com/

So you can check it urself.

Ruso wrote on 09 nov 2006 in comp.lang.javascript:

Evertjan. wrote:

However you clould send the to be tested value to the server from
clientside to be tested there and the result could be returned to the
client by AJAX like techniques.

[Please do not toppost on usenet]

I've seen this done using checksums (md5), but I dont have a minor
idea how to make a code.

This is an example of how it done:

<script language="JavaScript" type="text/JavaScript">

do not use language="JavaScript"

var answ_md5;
answ_md5 = '4136340c50a1f8b2286c0482cf3912f8';
//IMHO FAKE checksum

answ_md5 = 'c81e728d9d4c2f636f067f89cc14862c';
//IMHO
REAL checksum

REAL ??? In Javascript ??? Are you confusing languages?

function CheckAnswer() {
var answer;
answer = document.getElementById('answer');

var answer = document.getElementById('answer');

if (hex_md5(answer.value) == answ_md5) {

What is that function hex_md5() ???????????

return true;
} else {
document.getElementById('attempts').value++;
document.getElementById('error').innerHTML = 'Ключ "'+
answer.value +'" не подошел. Взлом неудачен.';

Does not ring a bell here ;-)

answer.value = '';
answer.focus();
return false;
}
}
</script>

Could you explain what you are trying to accomplish here?
Is this your own code?

What can you do, it make a separate *.js file and make an include
statemnet in ur page. So the javascript part wont appear in the source
code of ur document, but the link to the js file will. So anyone would
be able to download it and read the code.

Let us first concentrate on what you want to do?

As I said earlier, clientside comparison needs to divulge the comparator
string, unless perhaps you use a one way trapdoor function.

Anyway even then the boolean result can easily be manipulated.

"Smart programmers do it serverside!"

 

[Evertjan.]

Ruso wrote on 09 nov 2006 in comp.lang.javascript:

Evertjan, as I said I dont know hoe to do it, so I think its clear that
it is not my own code.

[Please do not toppost on usenet]

 

[Ruso]

Can you explain me what does toppost mean??

Thank you.

Ruso wrote on 09 nov 2006 in comp.lang.javascript:

Evertjan, as I said I dont know hoe to do it, so I think its clear that
it is not my own code.

[Please do not toppost on usenet]