Today I set up a new Azure SQL database and HTML5 Webapp to replace an existing Google Apps Script which wasn't working on iPhones. I have the database connected to the webapp with the connection string, and I want to know how to simply post the details from the html form into the SQL database.
Previously I have been using javascript in GAS with a firebase backend, so I am missing a bit here. Although I can see the connection string in my webapp, I don't know how to then call or post the html form information.
I looks at the functions app method but can't really find the code to post html data, plus how I trigger that from clicking a button on the client side.
I found this code which say it will work, but not to use it because it leaves your database open to hackers.
<script>
var objConnection = new ActiveXObject("adodb.connection");
var strConn = "driver={sql server};server=QITBLRQIPL030;database=adventureworks;uid=sa;password=12345";
objConnection.Open(strConn);
var rs = new ActiveXObject("ADODB.Recordset");
var strQuery = "SELECT * FROM Person.Address";
rs.Open(strQuery, objConnection);
rs.MoveFirst();
while (!rs.EOF) {
document.write(rs.fields(0) + " ");
document.write(rs.fields(1) + " ");
document.write(rs.fields(2) + " ");
document.write(rs.fields(3) + " ");
document.write(rs.fields(4) + "<br/>");
rs.movenext();
}
Can anyone please let me know what I am missing to get the SQL database and html5 web app talking?
Thanks
First of all you should not connect to any database from an HTML app which runs on the client side the user will be browsing the site which have a huge security impact. Connecting to a database (it could be sql,mysql or any) happens on the server side, which is where you host your application.
In order to connect to the database you will have to use server side technologies such as node,php or asp.net etc.
Related
So currently my website is loading an JSON File from my server, looking for the data it needs and then showing it up on the screen as well as downloading and showing an image related to that info from a public API. I was wondering how would I go about storing the API downloaded image to my own servers database so before every image fetch it would check for the image in my server and if it doesn't exist, it would go to the public API and download and store it in my servers database?
This code below is a sample, when the site is loaded it pulls a random card from the JSON and displays its info along with the image. I want to download the image from the api, store it in my servers database and then check for said image before downloading as to reduce API calls to a minimum.
function RandomCard() {
const RC = Math.floor(Math.random() * cardAPIListings.data.length);
var cardShowcase = document.getElementById("randomcardshowcase");
var randomCardImage = document.getElementById('randomImage');
switch (cardAPIListings.data[RC].type) {
case "Spell Card":
case "Trap Card":
cardShowcase.innerHTML = '\"' +cardAPIListings.data[RC].name + '\"' + '<br><br>' + '[' +
cardAPIListings.data[RC].race + ' / ' + cardAPIListings.data[RC].type + ']' + '<br>' +
'Attri: ' + cardAPIListings.data[RC].attribute + '<br><br>' + 'Effect: ' + '<br>' +
cardAPIListings.data[RC].desc;
randomCardImage.src = cardAPIListings.data[RC].card_images[0].image_url;
break;
Edit:
The PUBLIC API that I'm using says this:
[ Card Images
Users who pull our card images directly from our server instead of our google cloud repository will be immediately blacklisted.
Card images can be pulled from our Google Cloud server but please only pull an image once and then store it locally(I Assume this means Store it in your Own Server/API Database).
If we find you are pulling a very high volume of images per second then your IP will be blacklisted and blocked.]
So I need a way to store the images in my own location as they are being downloaded from the Public API so I Dont get blacklisted.
Unless I'm misunderstanding your question, only store images and other binary data to the file system.
No reason to burden database with big binary data. Only store file link (or URL) in the database.
IPGlobalProperties properties = IPGlobalProperties.GetIPGlobalProperties();
Environment.UserDomainName;
properties.DomainName;
System.Web.HttpContext.Current.Request.LogonUserIdentity.Name
System.Security.Principal.WindowsIdentity.GetCurrent().Name;
I tried above Properties in C# but no luck.
It works fine on the local machine.
My Question:
I have hosted a web application in abc.com domain and url is abc.com, when I access this site outside of domain or from some other external domain computers (from clients system) how to get their(clients) system domain name using c#, Jquery or Javascript.
Any solution in c#, jQuery, JS?
Thanks in advance.
Based on this answer about JS solution: JavaScript - How to get the name of the current user
I can add following:
Browser is a kind of a sandbox, where you can't reach Win resources without user permissions.
If Your user logged in to the system, then its already in your domain.
try like this ,By this way you will get Hostname
string ipAddress = Request.UserHostAddress;
IPHostEntry entry = Dns.GetHostEntry(ipAddress);
string domainName = entry.HostName;
and for computer name you can do like this
var comutername= HttpContext.Current.Server.MachineName
and in your javascript you will get computer name by using ActiveXObject as
function GetClientInfo() {
var net = new ActiveXObject("wscript.network");
alert("Computer Name : " + net.ComputerName + "\n User Name : " + net.UserName + "\n Domain Name :"
+ net.UserDomain);
}
I need to create a database with about 65000 products and their specifications. All I have to work with is a network drive, access 2007 and a browser (IE11).
So far, I have successfully connected to the database with html/javascript on a local drive, however it fails when I try to connect to it from a networked computer.
See the code below:
var strPath = "file://mynetworkshare/n/tecdoc/tecdoc.accdb";
var strConn = "Provider=microsoft.ace.oledb.12.0;Data Source=" + strPath;
var objConn = new ActiveXObject("ADODB.Connection");
objConn.Open(strConn);
var objRs = new ActiveXObject("ADODB.Recordset");
objRs.Open(strSql, objConn, ADO_RS_CTE_AD_OPEN_KEYSET, ADO_RS_LTE_AD_LOCK_PESSIMISTIC);
The code clearly fails at objConn.Open(strConn) therefor I tried multiple forms of local network URL's to put in the strPath ... yet, none worked. I'm starting to suspect that my approach isn't possible. Any and all insights on the matter are welcome!
I'm connecting to a website via websocket connection (client to server), I know how to encode the data and write it to the server (using the net module in node.js) but when I'm reading the data back I get odd characters in front of the important data, like if I'm suppose to get:
// Data needed on the left and data I'm receiving from websocket on the right
'inited\r\n' -> '�inited\r\n'
'n:2\r\n' -> '�n:2\r\n'
This is how I am getting the data from the server
Klass.prototype.connect = function(){
// this.port is equal to 8080 and the exact server varys, but it's not that important anyways since the problem is decoding the data properly.
var that = this;
var buffer = "";
this.socket = new net.createConnection(this.port, this.server);
this.socket
.on("connect", function(){
that.sendHandshake(); // just sends a standard client to server handshake
})
.on("data", function(recv){
// .split('\r\n\r\n').join('\r\n') needed to separate the server handshake from the data I am trying to parse
buffer += recv.toString('utf-8').split('\r\n\r\n').join('\r\n');
while (buffer){
var offset = buffer.indexOf('\r\n');
if (offset < 0)
return;
var msg = buffer.slice(0, offset);
// parseMsg(msg)
buffer = buffer.slice(offset + 3);
}
});
};
I am probably doing a lot of things improperly in the code above, but I'm not quite sure how to do it exactly so that is the best I got for now.
Problem is I don't know how to remove the mystery/special characters. Sometimes there is only 1 mystery/special character, but other times there is multiple ones depending on the data but they are never after the important data I need to check.
When I use Google Chrome and view the data on through tools->JavaScript console->network tab and find the websocket stream I'm looking for Google parses it correctly. I know it's possible since Google Chrome shows the correct frames, how do I deconstruct/decode the data so I can view the correct frames on the terminal?
I don't really need it in a particular language as long as it works I should be able to port it, but I would prefer examples/answers in node.js since that is the programming language I am using to connect to the server.
I have found a code in net, and there is a code line there, which I don't undersand it meaning and what does it do. Moreover the line doesn't work. Can anyone help?
the code-
var connection = new ActiveXObject("ADODB.Connection"); /*the line*/
var connectionstring = "Data Source=srvp7rnd-herm;Initial Catalog=hermes;User ID=hermes;Password=hermes;Provider=SQLOLEDB";
connection.Open(connectionstring);
/* JavaScript obect to access a SQL query's results */
var rs = new ActiveXObject("ADODB.Recordset");
/* Getting the current MAX(id) from the database */
rs.Open("SELECT MAX(id) FROM Screen_Template", connection);
rs.MoveFirst;
var maxID = rs.Fields.Item(0);
maxID = maxID + 1;
/* TODO: Get the last UID */
var sql = "INSERT INTO Screen_Template(template_name, OpCo, env, template_xml, language, id, title, role, UID) VALUES (" + templateName + "," + opco + "," + env + "," + "<hello>hello</hello>" + ",eng," + maxID + ",Hermes SMS message composer," + "manag, 10)";
alert(sql);
rs.Open(sql, connection);
/* Closing the connections */
rs.close;
connection.close;
The code you are looking at is either javascript, or Microsoft-flavoured jscript. The code can be either server side in ASP-Classic (Jscript was an option here, albeit unusual - most coded server side in VB Script), however, given that there is an alert half way through the page, it is likely that intended for client side, on a browser.
The lines
var connection = new ActiveXObject("ADODB.Connection");
and
var rs = new ActiveXObject("ADODB.Recordset");
attempt to create an Active X component (aka Component Object Model, or COM) of ADODB.Connection and ADODB.Recordset, respectively, and then use these to insert data into the database. You can get reference to these here, although not that most of the reference is in VB :(
So here is a list of some of the possible issues:
The code will only ever run in IE browsers
You may need to download and install the COM components - ADO is installed via MDAC - Download here
You may need to run IE as an Administrator
You may need to open all sorts of security loopholes in IE (ActiveX controls, safe for scripting etc)
If you enable script debugging on the browser you'll get more info on the actual issue.
I guess I need to point a couple of other major issues:
The concatenated sql string is prone to sql injection attacks (although obviously anyone viewing the page source can do whatever they like to the database anyway) - parameterization is the solution here.
SELECT Max(ID), incrementing, and inserting isn't concurrent safe - the solution here is to use an IDENTITY or GUID
However, all that said, this is obsolete technology, a security nightmare, and architecturally just plain wrong IMO - possibly you can convince your school to redesign the code using a more modern technology stack? (Sorry to be the bearer of bad news)