Answer»
function p() {
document.getElementById('txts').innerHTML = '$stuff';
}
It says it's on line 3.
Yes, it's PHP, I am echo()'ing the code.

Do you mean:
Code:
<?php
echo "function p() {\ndocument.getElementById('txts').innerHTML = '$stuff';\n}";
?>
That wouldn't work either, because you have a PHP variable in the middle of the JS, with incorrect apostrophes.
WAIT: sorry, no it is right.
We need the full code to tell you what's right and what isn't though.

I nearly smacked you with my parsing hammer then, kpac.

Here's the code. It's not the PHP, it's the JavaScript it echoes.
Code:
<?php
$user = $_COOKIE['username251'];
$web = file_get_contents("system/web_$user.txt");
$page = $_GET['page'];
$a = "$web/$page.html";
if(file_exists($a)) {
    $stuff = file_get_contents($a);
    $stuff = str_replace("'", "\'", $stuff);
    $stuff = str_replace("\n", "", $stuff);
    echo "
<script type='text/javascript'>
function p() {
document.getElementById('txts').innerHTML = '$stuff';
}
setTimeout('p()', 1500);
</script>
";
    echo "<tr><td valign='top'>
<textarea id='txts' name='txts' style='width:100%; height:100%;'>Loading...</textarea></td></tr>
";
}
?>

Your PHP variable isn't correctly nestled.
Code:
<?php
$user = $_COOKIE['username251'];
$web = file_get_contents("system/web_$user.txt");
$page = $_GET['page'];
$a = "$web/$page.html";
if(file_exists($a)) {
    $stuff = file_get_contents($a);
    $stuff = str_replace("'", "\'", $stuff);
    $stuff = str_replace("\n", "", $stuff);
    echo "
<script type='text/javascript'>
function p() {
document.getElementById('txts').innerHTML = '" . $stuff . "';
}
setTimeout('p()', 1500);
</script>
";
    echo "<tr><td valign='top'>
<textarea id='txts' name='txts' style='width:100%; height:100%;'>Loading...</textarea></td></tr>
";
}
?>

But it still worked... It got the CONTENTS and echo'd still.
It echoes this:
Code:
<script type='text/javascript'>
function p() {
document.getElementById('txts').innerHTML = '<html><head><title>bailey</title> <link type=\'text/css\' rel=\'stylesheet\' href=\'http://herbertsworld.com/templates/xss_1.css\' /></head> <body background="http://herbertsworld.com/templates/bg1.jpg"><center><div id="A1"> <font style="margin:6px;border-bottom: 1px red dotted;" size=6>My Website Name</font> <br /><br /><br /><br /> <img src="http://herbertsworld.com/templates/banner1.jpg" title="My Website Logo" /> <div id="A2" name="FOOTER"><a href="http://herbertsworld.com/">Create a free website with HerbertsWorld</a></div></div></center></body> </html>';
}
setTimeout('p()', 1500);
</script>
Fixed page width

Have you declared the setTimeout function already?
Can you put HTML tags inside a textarea? I think you'll have to convert it to ASCII.
Quote from: kpac on June 10, 2009, 07:50:34 AM Your PHP variable isn't correctly nestled.
No, that "nesting" is FINE. I warned you: *whack* That was my parsing hammer. Hurts, doesn't it?
Check the errors generated - if you're using Firefox, install the Web Developer toolbar and check the ERROR console. I suspect there's a problem with your escaped apostrophes (\'). Javascript is not as nice as PHP in that department. Try using the htmlentities() function, viz:
Code:
echo "
<script type='text/javascript'>
function p() {
document.getElementById('txts').innerHTML = '".htmlentities($stuff, ENT_QUOTES)."';
}
setTimeout('p()', 1500);
</script>
";
In this case, you do of course have to break out of your double quotes, since you're using a function. Alternatively, you could do:
Code:
$stuff = htmlentities($stuff, ENT_QUOTES);
echo "
<script type='text/javascript'>
function p() {
document.getElementById('txts').innerHTML = '$stuff';
}
setTimeout('p()', 1500);
</script>
";
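
An alternative to hand-escaping apostrophes and newlines, added here as an example and not posted by anyone in the thread: json_encode() builds the JavaScript string literal, and the textarea is filled through .value instead of innerHTML. The helper names, the name check on the page parameter and the sample $stuff are assumptions made up for the illustration.

```php
<?php
// Added example, not code from the thread. Function names and the sample
// data are hypothetical.

// Turn arbitrary text into a JavaScript string literal that is safe inside an
// inline <script> block. json_encode() escapes quotes, backslashes, \r and \n;
// the JSON_HEX_* flags emit <, >, &, ' and " as \uXXXX, so a "</script>" in
// the data cannot end the script element early.
function js_string_literal(string $text): string
{
    $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
           | JSON_INVALID_UTF8_SUBSTITUTE | JSON_THROW_ON_ERROR;
    return json_encode($text, $flags);
}

// Accept only simple names, so a request value cannot add "/" or "../"
// to the path that is later passed to file_get_contents().
function is_safe_name(string $name): bool
{
    return preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $name) === 1;
}

function render_editor(string $stuff): string
{
    $literal = js_string_literal($stuff);
    return "<script type='text/javascript'>\n"
         . "function p() {\n"
         . "  // .value treats the string as plain text, no HTML parsing\n"
         . "  document.getElementById('txts').value = $literal;\n"
         . "}\n"
         . "setTimeout(p, 1500);\n"
         . "</script>\n"
         . "<textarea id='txts' name='txts' style='width:100%; height:100%;'>"
         . "Loading...</textarea>\n";
}

// Constructed sample standing in for the file contents read in the thread:
// CRLF line endings, both quote styles and an embedded </script>.
$stuff = "<html><head><title>bailey</title>\r\n"
       . "<link type='text/css' rel='stylesheet' href='style.css' /></head>\r\n"
       . "<body><script>var a = \"x\";</script></body></html>";

$page = 'index'; // stands in for $_GET['page']
if (is_safe_name($page)) {
    echo render_editor($stuff);
}
```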