setting window size and php

Discussion in 'Javascript' started by Annette Block, Sep 29, 2008.

  1. I'm rather new in JavaScript, but I have some experience in php.
    I learned it's rather easy to open a window of a specified size with
    JavaScript, that you need to specify the opened file, but I don't see
    how to do that in php.
    The file I want to open is "detail.php?item=$item". This generates a
    query, which results in a table of at most 5x3 items. I want a window
    size that is of an appropriate size. I tried:
    <HEAD>
    <SCRIPT TYPE="text/javascript" LANGUAGE="JavaScript">
    <!--
    function NewWindow() {
    window.open("detail.php?item=$item", "new", "width=500, height=300");
    }
    //-->
    </SCRIPT>
    - - - -
    </HEAD>
    and as hyperlink
    <A HREF="detail.php?item=$item" TARGET="new" onClick="NewWindow();
    return false;">details</A>

    As a matter of fact I tried in the header more than just the example
    shown, but no result. With this I came closest, getting a message that
    my SQL syntax was wrong. Which isn't.

    I also tried setting the window size within the details.php. But then
    all windows became of the same size.

    I know that php is server-side and JavaScript is client-side.

    Any help or hint will be appreciated.
    Annette
    Annette Block, Sep 29, 2008
    #1
    1. Advertising

  2. Annette Block

    Erwin Moller Guest

    Annette Block schreef:

    Hi Annette,

    > I'm rather new in JavaScript, but I have some experience in php.
    > I learned it's rather easy to open a window of a specified size with
    > JavaScript, that you need to specify the opened file, but I don't see
    > how to do that in php.


    Well, you let PHP just put in the right values for JavaScript to use.

    > The file I want to open is "detail.php?item=$item". This generates a
    > query, which results in a table of at most 5x3 items. I want a window
    > size that is of an appropriate size. I tried:
    > <HEAD>
    > <SCRIPT TYPE="text/javascript" LANGUAGE="JavaScript">


    Leave out LANGUAGE="JavaScript".


    > <!--


    Stop using the <!-- also. ;-)


    > function NewWindow() {
    > window.open("detail.php?item=$item", "new", "width=500, height=300");
    > }
    > //-->
    > </SCRIPT>
    > - - - -
    > </HEAD>
    > and as hyperlink
    > <A HREF="detail.php?item=$item" TARGET="new" onClick="NewWindow();
    > return false;">details</A>


    Excactly.
    And you don't want $item of course, you want its value.

    So why don't you put it there? Like this:
    <A HREF="detail.php?item=<?php echo $item; ?>" TARGET="new"
    onClick="NewWindow(); return false;">details</A>


    >
    > As a matter of fact I tried in the header more than just the example
    > shown, but no result. With this I came closest, getting a message that
    > my SQL syntax was wrong. Which isn't.


    That means more is wrong.
    I bet your SQL is vunurable to SQL injection.
    If you from PHP take a value from the user, theat it like dangerous
    stuff that will try to corrupt your database. Never trust it.

    SO, do this:
    $itemPassed = (int)$_GET["item"];
    when you expect an integer.

    If you expect a string, make sure you escape it well before feeding to
    your database.
    It is VERY EASY to pass a value that will delete everything in your
    database.

    Google for SQL injection for more info.


    >
    > I also tried setting the window size within the details.php. But then
    > all windows became of the same size.


    SInce you didn't show us code that should do that, we cannot possibly
    comment on it.

    >
    > I know that php is server-side and JavaScript is client-side.


    Yes.

    >
    > Any help or hint will be appreciated.
    > Annette


    Regards,
    Erwin Moller
    --
    ============================
    Erwin Moller
    Now dropping all postings from googlegroups.
    Why? http://improve-usenet.org/
    ============================
    Erwin Moller, Sep 29, 2008
    #2
    1. Advertising

  3. On Mon, 29 Sep 2008 13:22:57 +0200 wrote Erwin Moller
    <>:

    >
    >Annette Block schreef:
    >
    >Hi Annette,
    >
    >> I'm rather new in JavaScript, but I have some experience in php.
    >> I learned it's rather easy to open a window of a specified size with
    >> JavaScript, that you need to specify the opened file, but I don't see
    >> how to do that in php.

    >
    >Well, you let PHP just put in the right values for JavaScript to use.
    >
    >> The file I want to open is "detail.php?item=$item". This generates a
    >> query, which results in a table of at most 5x3 items. I want a window
    >> size that is of an appropriate size. I tried:
    >> <HEAD>
    >> <SCRIPT TYPE="text/javascript" LANGUAGE="JavaScript">

    >
    >Leave out LANGUAGE="JavaScript".
    >
    >
    >> <!--

    >
    >Stop using the <!-- also. ;-)
    >
    >
    >> function NewWindow() {
    >> window.open("detail.php?item=$item", "new", "width=500, height=300");
    >> }
    >> //-->
    >> </SCRIPT>
    >> - - - -
    >> </HEAD>
    >> and as hyperlink
    >> <A HREF="detail.php?item=$item" TARGET="new" onClick="NewWindow();
    >> return false;">details</A>

    >
    >Excactly.
    >And you don't want $item of course, you want its value.
    >
    >So why don't you put it there? Like this:
    ><A HREF="detail.php?item=<?php echo $item; ?>" TARGET="new"
    >onClick="NewWindow(); return false;">details</A>
    >
    >
    >>
    >> As a matter of fact I tried in the header more than just the example
    >> shown, but no result. With this I came closest, getting a message that
    >> my SQL syntax was wrong. Which isn't.

    >
    >That means more is wrong.
    >I bet your SQL is vunurable to SQL injection.
    >If you from PHP take a value from the user, theat it like dangerous
    >stuff that will try to corrupt your database. Never trust it.
    >
    >SO, do this:
    >$itemPassed = (int)$_GET["item"];
    >when you expect an integer.
    >
    >If you expect a string, make sure you escape it well before feeding to
    >your database.
    >It is VERY EASY to pass a value that will delete everything in your
    >database.
    >
    >Google for SQL injection for more info.
    >
    >
    >>
    >> I also tried setting the window size within the details.php. But then
    >> all windows became of the same size.

    >
    >SInce you didn't show us code that should do that, we cannot possibly
    >comment on it.
    >
    >>
    >> I know that php is server-side and JavaScript is client-side.

    >
    >Yes.
    >
    >>
    >> Any help or hint will be appreciated.
    >> Annette

    >
    >Regards,
    >Erwin Moller


    Thank you, Erwin.
    Your tips were very helpful. Now I get a window of the right size,
    that is in IE. In Firefox it is still a whole page, but I prefer to
    count my blessings.
    I'm aware of the danger of getting wrong input. In this case the user
    can only click on a number and, if he /she wishes so, more details and
    backgrounds are given.
    However a strange thing happened. I got an error message saying that
    there is an unknown column '$item' in 'where clause'. Of course there
    is a column called 'item'. Somehow the value is not transferred. This
    is also strange as I get no signal about when moving the mouse over
    the hyperlink. I guess this is PHP, so I trust I'll manage sooner or
    later. But thanks for your help.
    Regards,
    Annette
    Annette Block, Sep 29, 2008
    #3
  4. Annette Block

    Erwin Moller Guest

    Annette Block schreef:
    > On Mon, 29 Sep 2008 13:22:57 +0200 wrote Erwin Moller
    > <>:
    >
    >> Annette Block schreef:
    >>
    >> Hi Annette,
    >>
    >>> I'm rather new in JavaScript, but I have some experience in php.
    >>> I learned it's rather easy to open a window of a specified size with
    >>> JavaScript, that you need to specify the opened file, but I don't see
    >>> how to do that in php.

    >> Well, you let PHP just put in the right values for JavaScript to use.
    >>
    >>> The file I want to open is "detail.php?item=$item". This generates a
    >>> query, which results in a table of at most 5x3 items. I want a window
    >>> size that is of an appropriate size. I tried:
    >>> <HEAD>
    >>> <SCRIPT TYPE="text/javascript" LANGUAGE="JavaScript">

    >> Leave out LANGUAGE="JavaScript".
    >>
    >>
    >>> <!--

    >> Stop using the <!-- also. ;-)
    >>
    >>
    >>> function NewWindow() {
    >>> window.open("detail.php?item=$item", "new", "width=500, height=300");
    >>> }
    >>> //-->
    >>> </SCRIPT>
    >>> - - - -
    >>> </HEAD>
    >>> and as hyperlink
    >>> <A HREF="detail.php?item=$item" TARGET="new" onClick="NewWindow();
    >>> return false;">details</A>

    >> Excactly.
    >> And you don't want $item of course, you want its value.
    >>
    >> So why don't you put it there? Like this:
    >> <A HREF="detail.php?item=<?php echo $item; ?>" TARGET="new"
    >> onClick="NewWindow(); return false;">details</A>
    >>
    >>
    >>> As a matter of fact I tried in the header more than just the example
    >>> shown, but no result. With this I came closest, getting a message that
    >>> my SQL syntax was wrong. Which isn't.

    >> That means more is wrong.
    >> I bet your SQL is vunurable to SQL injection.
    >> If you from PHP take a value from the user, theat it like dangerous
    >> stuff that will try to corrupt your database. Never trust it.
    >>
    >> SO, do this:
    >> $itemPassed = (int)$_GET["item"];
    >> when you expect an integer.
    >>
    >> If you expect a string, make sure you escape it well before feeding to
    >> your database.
    >> It is VERY EASY to pass a value that will delete everything in your
    >> database.
    >>
    >> Google for SQL injection for more info.
    >>
    >>
    >>> I also tried setting the window size within the details.php. But then
    >>> all windows became of the same size.

    >> SInce you didn't show us code that should do that, we cannot possibly
    >> comment on it.
    >>
    >>> I know that php is server-side and JavaScript is client-side.

    >> Yes.
    >>
    >>> Any help or hint will be appreciated.
    >>> Annette

    >> Regards,
    >> Erwin Moller

    >
    > Thank you, Erwin.
    > Your tips were very helpful. Now I get a window of the right size,
    > that is in IE. In Firefox it is still a whole page, but I prefer to
    > count my blessings.
    > I'm aware of the danger of getting wrong input. In this case the user
    > can only click on a number and, if he /she wishes so, more details and
    > backgrounds are given.
    > However a strange thing happened. I got an error message saying that
    > there is an unknown column '$item' in 'where clause'. Of course there
    > is a column called 'item'. Somehow the value is not transferred. This
    > is also strange as I get no signal about when moving the mouse over
    > the hyperlink. I guess this is PHP, so I trust I'll manage sooner or
    > later. But thanks for your help.
    > Regards,
    > Annette


    Hi Annette,

    A few tips about debugging that helped me a lot:
    1) When debugging HTML, always FIRST do a 'view source' of the results
    PHP sent you. Simply check if all the things you want in the page are
    put there with their right values.
    2) When debugging postings/requests from a browser to PHP, simply do this:

    echo "<pre>";
    print_r($_POST);
    echo "</pre>";
    exit;

    Or $_GET, or whatever you want to see.
    That way you can easily see WHAT the browser is sending you.

    Best of luck.
    If you need more help with PHP: comp.lang.php

    Regards,
    Erwin Moller

    --
    ============================
    Erwin Moller
    Now dropping all postings from googlegroups.
    Why? http://improve-usenet.org/
    ============================
    Erwin Moller, Sep 30, 2008
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Dino Buljubasic
    Replies:
    3
    Views:
    7,423
    Rob D
    Sep 25, 2004
  2. tshad
    Replies:
    2
    Views:
    421
    tshad
    Feb 8, 2007
  3. Jason Cavett

    Preferred Size, Minimum Size, Size

    Jason Cavett, May 23, 2008, in forum: Java
    Replies:
    5
    Views:
    12,559
    Michael Jung
    May 25, 2008
  4. Rajive Narain
    Replies:
    0
    Views:
    1,667
    Rajive Narain
    Sep 18, 2009
  5. jodleren

    Getting picture size/setting window size

    jodleren, Feb 14, 2007, in forum: Javascript
    Replies:
    2
    Views:
    154
    jodleren
    Feb 15, 2007
Loading...

Share This Page