00:00
00:00
B1KMusic
Hi. I make games and software. I'm not on NG much, but feel free to peruse my youtube and gitlab for interesting stuff.

Braden @B1KMusic

Age 29, Male

Programmer/Musician/

fish

Earth, Milky Way

Joined on 6/19/11

Level:
10
Exp Points:
948 / 1,110
Exp Rank:
69,209
Vote Power:
5.20 votes
Rank:
Police Sergeant
Global Rank:
8,618
Blams:
42
Saves:
1,040
B/P Bonus:
12%
Whistle:
Normal
Medals:
799

Taking down PHP

Posted by B1KMusic - June 16th, 2012


You don't need php for $_GET and $_POST, because javascript is capable of both thanks to these functions I wrote:

$_GET:

function $_GET(key,def){
try{
return RegExp('[?&]'+key+'=([^?&#]*)').exec(location.hr ef)[1].replace(/%20|\+|_/g, ' ')
}catch(e){
return def?def:''
}
}

this looks into the url and utilizes the exec function to return an array based on the parentheses ("(" and ")"), ala ['...?key=value', 'value']. After doing that, it grabs the second part of the array, which returns the value. It's a simple function, so it's probably all over the place, you probably already know of its existence.

$_POST:

function $_POST(key, def){
try{
var hidden=localStorage[key]
localStorage.removeItem(key)
return hidden
}catch(e){
return def?def:''
}
}

this function acts like php's $_POST function in both presiding over a "session", and having the same security aspect. Here's how:

1 - it utilizes localStorage to save the POST data, this allows it to not expire prematurely (do not use sessionStorage)

2 - it sets a local var "hidden" to take the place of the POST data when called, and then be returned that way, this ends up deleting both variables, but returning the POST data, simple and secure.

3 - this function is supposed to be used "on load", meaning, obviously, it runs when the document loads, so you can't guess what the storage key is and make off with someone's password because it would run and the vars would get deleted before you could do that.

this isn't php, so go ahead and remove the dollar signs and obfuscate away for your facebook knockoff

In all seriousness, I'm not stupid, I know that php is for server-side scripting, and in its own ways can be a little more secure than javascript since it can't be manipulated by the client. So don't try to replace php with javascript, use both in harmony.

grab this html file, I quickly wrote it to demonstrate the GET and POST features to give you a better idea of what you can do with these functions.

Update to html: added "persistent" box too demonstrate that data can also be kept--saved to the computer--as a persistent value

When you type and press enter, it will execute that GET or POST "request", and return the information

Notice how the POST clears itself when you refresh after submitting something into it


Comments

Before you say "ZOMG U DIDNT CREATE THOSE IVE SEEN THIS ON A BLOG":

By "I wrote these functions", I mean I didn't copy/paste them, or look them up, I figured it out because it's obvious to any seasoned javascript developer.

Also, I already said that the _GET function is a very commonly used function (like in google and youtube, you know, after the "?" symbol, that ain't php parsing that), so it's bound to be blogged about everywhere, that's the internet. So if you try to say I was beat to it, then you fail for not reading.