Archive for September, 2006

AJAX file upload

Friday, September 22nd, 2006

Actually i didnt find the way to upload files with AJAX. And may be its not possible. Here i did a tricks by adding form attribute [ target=”addImageFrame” ] where addImageFrame is a dummy iframe’s ID. SO whenever this form is being submitted its actually tageting that iframe and the page becomes unchanged. Here i’m using AJAX only to track wheather the file is uploaded or not and if upload complete AJAX is just returning the file name and path.

Here when you’l test it you will see a progressbar on it. This is also fake actually. Its not the actual progressbar for uploading an images. When i’m sending request for images upload i’m setting that progress bar image and when i get the image path i’m removing that image. This is not the 100% accurate progressbar but its pretty well enough. I’l write about progressbar later.

Here is the Demo

Posted in AJAX | 3 Comments »

Form Submit in different way

Tuesday, September 19th, 2006

Few days ago i was working on a pager script where i have to submit a form manually to send a page. But due to user requirements thats need to send in delay and i was about to use CRON job for that. But this time i was in deep problem to send that page. I was using CURL, fsockopen and many others way to submit the form but none of those works for unknown reason. It was really a funny problem but at least i solved that.

Here i want to discuss about the different way to submit a form.

Traditional Form Submit:
This is the most common form uses everywhere.

< form action="targetpage.php" name="myForm">
[form elements]
< input type="submit" value="send" name="send" />
< /form >

JavaScript Form Submit:

You can call a javascript function at any event for example onClick at button or OnChange at combo box and so on. And inside your javascript just write the line above.

document.myForm.submit();

CURL Form Submit:
This technique is rarely used in our application but we can submit any form using CURL just like normal form. Here is an example :

$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url); // set the post-to url
curl_setopt ($ch, CURLOPT_HEADER, 1); // Header control
curl_setopt ($ch, CURLOPT_POST, 1); // tell it to make a POST, not a GET
curl_setopt ($ch, CURLOPT_POSTFIELDS, urlencode($queryString));
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
$response = curl_exec($ch);
curl_close ($ch);

FSOCKOPEN Form Submit:

This is also rarely used in our general application. For the Internet domain, it will open a TCP socket connection to hostname on port port. hostname may in this case be either a fully qualified domain name or an IP address. Here is a sample code:

$method =”GET” ; // POST or GET define here
$fp = fsockopen($host,80);
if ($method == ‘GET’)
$path .= ‘?’ . $data;
fputs($fp, “$method $path HTTP/1.1\n”);
fputs($fp, “Host: $host\n”);
fputs($fp, “Content-type: application/x-www-form-urlencoded\n”);
fputs($fp, “Content-length: ” . strlen($data) . “\n”);
fputs($fp, “User-Agent: MSIE\n”);
fputs($fp, “Connection: close\n\n”);
if ($method == ‘POST’)
fputs($fp, $data);

while (!feof($fp))
$buf .= fgets($fp,128);
fclose($fp);
return $buf;

AJAX Form Submit:

At any AJAX application we frequently use such code.

var http_request = false;
url ="myformactionpage.php";
parameters ="field1=val1&field2=val2";
if (window.XMLHttpRequest) { // Mozilla, Safari,...
http_request = new XMLHttpRequest();
if (http_request.overrideMimeType) {
` http_request.overrideMimeType('text/html');
}
} else if (window.ActiveXObject) { // IE
try {
http_request = new ActiveXObject("Msxml2.XMLHTTP");
} catch (e) {
try {
http_request = new ActiveXObject("Microsoft.XMLHTTP");
} catch (e) {}
}
}
if (!http_request) {
alert('Cannot create XMLHTTP instance');
return false;
}

http_request.onreadystatechange = alertContents;
http_request.open('POST', url, true);
http_request.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
http_request.setRequestHeader("Content-length", parameters.length);
http_request.setRequestHeader("Connection", "close");
http_request.send(parameters);

Share your tought if you find any others way to submit a html form.

Enjoy PHPing......

Posted in PHP, AJAX, JavaScript | 3 Comments »

Simple AJAX Application With Autosuggest / Autocomplete Feature

Monday, September 18th, 2006

Today I was just reviewing my previous works and i found a code that i worked for autocomplete feature. And when i was running that code it wasn’t working. It was using CAPXOUS AutoComplete. Then i started to fix that code and i was also searching for others related works and i found BNS’s work that is also a cool work. I download that code and start working on it and within a hour i made a simple AJAX application with insert, delete ,sorting and autocomplete features. Its not a such hard job but i like to put this example here.

Here is the simple AJAX works

Posted in AJAX | 4 Comments »

CAPTCHA to Secure Web Forms

Friday, September 1st, 2006

CAPTCHA an acronym for “completely automated public Turing test to tell computers and humans apart “. CAPTCHA technology is used to prevent forums, polls, guestbooks, and blogs are some of the popular places where automated robots can be found submitting forms.

Web forms are always prone to attack by people who want to use it for their own purpose. There are various way to prevent such attract but the most effective and accurate way is using CAPTCHA.

CAPTCHA mainly generate a random created image that is displayed to the user. The image contains a phrase, that is only human readable and after the form submit it verify the human submission by matching the phrase.

This technique doesn’t ensure the 100% security. Some CAPTCHA are breakable for OCR attacks. And there are also others vulnerabilities, such as session re-use and cross-vhost file inclusion on shared servers.

However CAPTCHA can be a great way to limit the amount of successful, unwanted HTTP POST requests in your application. There are many open-source class and code for CAPTCHA. PEAR’S CAPTCHA is one of the best package.

Happy CAPTCHA-ing!!!!!

Posted in PHP | 1 Comment »