Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Whats wrong with this Javascript code?

I

InfoTech11

macrumors member
Original poster
Nov 18, 2008
30
0
I am trying to write a script to allow searching from my mobile web app. I have a search field, and a button. It doesn't seem to be processing the information right for it to search my VB forum correctly. Can someone tell me what's wrong with this code?

I put the "searchid=" at the end of the location because thats what VB forum uses I believe to search.

Code: 
function doSearch(event)
{
// Search Criteria

}


function detailButtonHandler(event)
{
// Values you provide
var searchFieldToChange = document.getElementById("searchfield");	// replace with ID of search field
var newSearchFieldText = "Searching";						// value to change range to

// Search field code
searchFieldToChange.value = newSearchFieldText;

    document.location = ("http://www.infotechelite.com/forum/search.php?searchid=" + detailController._representedObject);
}

does nobody really have no idea? This is a mac programming forum and nobody knows?
 
You posted it first in the Mac Programming forums which isn't for web development, so it got moved, so it got less attention than it would have had it been in the Web Dev forum first.

It's fairly vague what the situation is. Plus you don't say what detailController is or what ._representedObject is.
 
I dont know what it is. All i know is I have a button called "button2" and a search field called 'searchfield". I want i to take the information and search whats on the page. (my page consists of RSS feeds updated dynamically.
 
The information you provide is not enough to debug with. Do you have a link so we can see the page in question? The only thing in the code that I can tell might have an issue is,
PHP: 
document.location
which should be
PHP: 
location.href
I tried going to the link that's described in the code, and it tried to get me to do a CAPTCHA thing, which I couldn't complete. The words were too scrambled to figure out. I tried listening to the audio CAPTCHA and I couldn't make out what it was saying, so went back to the text mode and refreshed it a number of times until I found one I could make out. Then it told me I needed to copy some text from box to another, but then it didn't tell me what to do after that. It is the absolute worst implementation of a CAPTCHA that I have ever come across. You should remove it and find something better. Sorry to rant, but that was one of the most annoying experiences I've ever had. All I was doing is performing a search as well. Why does it need to know I'm human to perform a search?
 
angelwatt said:
The information you provide is not enough to debug with. Do you have a link so we can see the page in question? The only thing in the code that I can tell might have an issue is,
PHP: 
document.location
which should be
PHP: 
location.href
I tried going to the link that's described in the code, and it tried to get me to do a CAPTCHA thing, which I couldn't complete. The words were too scrambled to figure out. I tried listening to the audio CAPTCHA and I couldn't make out what it was saying, so went back to the text mode and refreshed it a number of times until I found one I could make out. Then it told me I needed to copy some text from box to another, but then it didn't tell me what to do after that. It is the absolute worst implementation of a CAPTCHA that I have ever come across. You should remove it and find something better. Sorry to rant, but that was one of the most annoying experiences I've ever had. All I was doing is performing a search as well. Why does it need to know I'm human to perform a search?
Click to expand...

It asks for a CAPTCHA because you dont have a membership/not logged in. but i disabled it.

Thank you for responding angelwatt. I have uploaded a test copy of the site. I am trying to somehow implement a search into the application itself, or when it redirects to the VB search, maybe have it a little bit optimized? Thank you!

The temporary location to my app is:

http://www.infotechelite.com/mobile/search

ALSO. if i press back, and i try to type something back into search, it automatically goes right back to search.php. Why?
 
On that test page there was some JavaScript errors (check the error console in your browser, under the Tools menu), though I don't think they are related to your current problem, likely just the test page. Just FYI.

Also, I'm only seeing a logo on the test page, so not sure how that can be used to test your code. I believe it needs to be activated from a text field. I'm just using Firefox to look at it, it looks like the URL and code might be expecting me on a mobile device. Is that right?

Some other questions, where did you get the detailButtonHandler function code from? Can you also elaborate/clarify on the effect you're trying to achieve with the code?

@others here that are wanting to help, some pointers for where to find some items. The code that the OP provided is located in the main.js file at the very bottom. This file also has the definition of the detailController object, which I didn't completely understand when I looked at it.
 
Well I want someone to be able to search all our articles just as if they were on the forum. I got the handler from devconnection.

I have been been trying to create a simple button with a link too but I can't figure that out either.

Angelwatt? anyone?
 
Thinking cap on...

I believe the searchid is generated by VB AFTER the form submission, in the results page.

Here is the relevant HTML to help you debug what's needed in your javascript form, i.e. what arguments VB expects when a user submits a search request. This is actual HTML from the simple search form here on MacRumors, which is also VB:

HTML: 
<form action="search.php?do=process" method="post">
<input type="hidden" name="do" value="process" />
<input type="hidden" name="quicksearch" value="1" />
<input type="hidden" name="childforums" value="1" />
<input type="hidden" name="exactname" value="1" />
<input type="hidden" name="s" value="" />
<input type="hidden" name="securitytoken" value="7d59a20f04c5ab2292ff94c57d83758975d37aed" />
<div>
<input type="text" class="bginput" name="query" size="20" tabindex="1001" />
<input type="submit" class="button" value="Search Forums" tabindex="1004" />
</div>
</form>

I will assume your code submits properly (via POST, not get) then VB is generating the errors you see. If so, it's up to you to learn what all those hidden fields do, how they might be set to affect processing and results. Plus that security token is for MacRumors, not yours, and is likely session based for the user's cookie, etc. generated by VB to prevent exactly the kind of thing you're trying to do -- access the search outside the scope of the forum. VB is well written in terms of security measures like this, as you're likely finding out.

So please integrate the relevant HTML above into your Javascript form with all hidden fields properly set. Then if VB complains with error messages, forces a login, security popups or whatever, please report back SPECIFICALLY what happened, i.e. the error page and include a link to your search form that works.

I suggest you cross post this on one of the VB plugin/theme (hack) forums for third party developers who write stuff to extend VB. What you're doing is proprietary to that product, might save you some time.

I am posting this not to offer a direct solution, but to hopefully help you debug it properly.

-jim
 
I took your answer and looked up my code from my forum. (Im not too worried about the security token. I disabled requirement of CAPTCHA when searching (you can search without entering in a captcha now, making it easier for browser in our case.)

I came up with:

Code: 
<form action="search.php?do=process" method="post" name="vbform" id="searchform" style="display:block; margin:0px">
<input type="hidden" name="s" value="" />
<input type="hidden" name="securitytoken" value="1229724304-435d5b99e968967383770c4ca9711e33bd4c7057" />
<input type="hidden" name="do" value="process" />
<input type="hidden" name="searchthreadid" value="" />

<table class="tborder" cellpadding="6" cellspacing="1" border="0" width="100%" align="center">
<tr>
	<td class="tcat">
		Search Forums
	</td>
</tr>


------------

Now, What my web app is doing (trying to do) is have a search field, and a button that takes that information and submits it to VB. But when it goes to submit, I dont think it takes anything from the actual searchfield. When I click my "Search" button, my searchfield text changes to "Searching" (what i want it to do) and then the browser redirects to the forum search.php. the url then turns into:

http://www.infotechelite.com/forum/search.php?searchid=undefined

So I cant tell if it is actually pulling the information from the searchfield?
Here is the code I wrote for that:

On my searchfield, my behavior is onsearch - detailButtonHandler
On my search button, my behavior is onclick - detailButtonHandler

The actual code is:

Code: 
{

var searchFieldToChange = document.getElementById("searchfield");	
var newSearchFieldText = "Searching";						

searchFieldToChange.value = newSearchFieldText;

    location.href = ("http://www.infotechelite.com/forum/search.php?searchid=" + detailController._representedObject);
}

Now im not too sure if this is working.
If someone would like to take a look, you may point your browser to:

http://www.infotechelite.com/mobile/search

That is the web app location for now.
If you for some reason see the web app page from your browser, go to:

https://www.infotechelite.com/mobile/search
* You can try using our SSL certificate, maybe that will work better.

I've attached a screenshot of what you should see.


But I'd like to know If I could somehow implement a PHP search script into Dashcode? I know PHP very good.
 

Attachments

  • Picture 1.png
    Picture 1.png
    100.3 KB · Views: 71
The entire approach you are using is not compatible with how vB works, respectfully.

Your method:

On the submit, you call Javascript which fetches the search ID and redirects the browser to the vB result page with that ID.

How vB really does it (expanding on my previous comments with alot more detail):

On the submit, the POST action calls search.php and passes the "query" field (user's search text) and numerous other hidden field values that control the search behavior, result page criteria, and security to prevent remote hijacking. Then vB processes the query and fetches the results. If there are matches found, vB will then generate a unique search ID for that specific search and result set and redirects to display the results page. Otherwise if no matches are made it simply redirects to the advanced search form with "do=process" as the only argument. All that argument does is present the dialog at the top of the search page that informs the user "Sorry - no matches. Please try some different terms" and other error phrases too.

So you should not be fetching/creating the search ID because vB creates that on its own as it processes the actual query and only if results are found. This includes redirects as well.

SO, PLEASE DO THIS INSTEAD:

Write a complete HTML form based on my example in my previous reply with the proper action (correct path to search.php) and POST method, include all the necessary hidden fields. Let VB take over from there on the submit. Note - relying on Javascript as the only means to trigger the search/submit is a bad practice - add a "Go" button in your form just as vB uses in their form for users who have it disabled.

You told me the securitytoken hidden field in the form wasn't an issue, the only field I identified as a potential problem (vB's method of preventing remote hijacking). If you find it is necessary based on testing then please use PHP to parse its value into the form since you said you know PHP well. Thanks!

-jim

ps: If you need help with the form, include the entire form - all HTML between and including the form open and close tags and I'll see what I can do. :)
 
Sr.WebDeveloper,

I took your form and modified it to:

Code: 
<form action="www.infotechelite.com/forum/search.php?do=process" method="post">
<input type="hidden" name="do" value="process" />
<input type="hidden" name="quicksearch" value="1" />
<input type="hidden" name="childforums" value="1" />
<input type="hidden" name="exactname" value="1" />
<input type="hidden" name="s" value="" />
<input type="hidden" name="securitytoken" value="7d59a20f04c5ab2292ff94c57d83758975d37aed" />
<div>
<input type="text" class="bginput" name="query" size="20" tabindex="1001" />
<input type="submit" class="button" value="Search Forums" tabindex="1004" />
</div>
</form>

Now I have this running off of a subdomain (mobile.infotechelite.com) and I want it to process to www.infotechelite.com/forum/search.php?do=process to process the search query.

How would I work this into Dashcode and the behavior panes? (onclick on search etc)

It says the security token is missing or incorrect as well. Are the security tokens the same for every search query?
 
Below are the essential (required) HTML elements:

HTML: 
<form action="http://www.infotechelite.com/forum/search.php" method="post" name="myform">
<input type="hidden" name="do" value="process" />
<input type="hidden" name="quicksearch" value="1" />
<input type="hidden" name="childforums" value="1" />
<input type="hidden" name="exactname" value="1" />
<input type="hidden" name="s" value="" />
<input type="hidden" name="securitytoken" value="1229724304-435d5b99e968967383770c4ca9711e33bd4c7057" />
<input type="text" class="bginput" name="query" size="20" />
<input type="submit" class="button" value="Go" />
</form>

That takes into consideration the correct form action, method and name being added for later. I also put back the security token you generated previously in another reply, not the MacRumors one I sent you.

Instructions:

Please simply copy/paste the HTML only somewhere on the page you want so you may test it without bells and whistles. That's it for now, report back what happens when you click the "Go" button in the search form.

Remember, your request is rather unusual and complex - basically you're hacking locally into your own licensed forum, attempting to bypass very tough vBulletin security designed to prevent exactly that, and with a sub-domain involved. And on top of all of that is within a proprietary Dashboard which you apparently do not know from a technical perspective.

So.... One step at a time! Test the basic form first, you can dress it up later after a successful test of the basic form itself.

-jim
 
As to the security token, I think it is user specific, but I am not sure. If you are doing all this within a vB template, then you can get the security token value via: $bbuserinfo[securitytoken] (a variable generated by vBulletin at runtime) - or if you know how in PHP to embed vB (i.e. create a new vB page) so all of its variables are available.

-jim
 
I have figured out what I want. It does exactly as I need to. Thank you Sr.WebDeveloper.

mobile.infotechelite.com/search

I created a redirector script and created "search2.php" to filter out requests from computers and mobile users.

I have one final question.

I need to implement this into Dashcode's javascript enviornment. Do you know how I would apply this table to my current search bar and button?
 
Glad you got it working.

Apparently you ended up doing what most vB hackers do, create their own custom search script, sdatabase.php in your case. In that I'm guessing you removed the security and slimmed it down to query and return a simple topic list from the database. Then you redirect to search2.php which is further customized to display the database results to the browser. So that's two custom scripts. Am I close? This is a complete 180 from your original request, for the record, so if you bypassed the advice offered, users following this who might want to do the same or similar might appreciate a quick explanation of your final procedure.

As to Dashboard, I'm sorry I cannot help you as I am not familiar with it. Maybe one of the vB gurus on their support forums might be the proper move for that if no timely response here.

Cheers and take care!

-jim
 
Well, its so much as "Dashcode". its just a builder.

I just need the form converted from the one searchfield and button to the other.

Like: HTML searchfield & button >>> JAVASCRIPT searchfield & Button (I want the exact same function)

like:
Code: 
function DoSearch(event)
blah blah blah.. (or something like that)

I know it was a 180, but It was the only way I could get around the security.

I am very very appreciative of your help SrWebDeveloper. Thank you very much. I wish I could repay you. I know PHP like a expert if that helps!
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back