plv8 disable execute and prepare function in eval() - javascript

How could I deactivate the access to plv8 functions in my eval?
create or replace function
js(src text, input json) returns json as $$
plv8.elog(NOTICE, 'test');
//--plv8 = null; // this would disable permanently plv8, also after another call of the function
var evalRes = eval('var output=null; ' + src + '; output;');
return JSON.stringify(evalRes);
$$ LANGUAGE plv8;

I finally found the solution:
create or replace function
public.js(src text, input json) returns json as $$
//-- select js('var a = input.test; var output = []; for(k in a) { output.push(10+a[k]); };', '{"test": [1,2,3]}'::json)
//-- select public.js('plv8.elog(NOTICE, "yoyo");', null) // should not be possible
plv8.elog(NOTICE, 'test');
var evalRes = null;
(function() {
var plv8 = null; //-- In order to disable execute, prepare...
evalRes = eval('var output=null; ' + src + '; output;');
})();
plv8.elog(NOTICE, 'test2');
return JSON.stringify(evalRes);
$$ LANGUAGE plv8;

Related

How to correctly combine javascript with razor syntax

I have the following code in my razor view, I need to set some javascript variables to set the value coming from razor.
However the values of the variables are not being set.
var listPuntos =[];
function onSelect(e) {
var dataItem = this.dataSource.view()[e.item.index()];
#{
var proveedorID = 0;
<text>proveedorID = dataItem.ProveedorID</text>
var list = new UnitOfWork().PuntosVentaProveedorRepository.Get().Where(x => x.ProveedorID == proveedorID);
proveedorID = 0;
<text>listPuntos = list; </text>;
<text>
var displayText;
$.each(listPuntos, function (key, value) {
if (displayText == undefined)
displayText = value.Nombre + ', ';
else
displayText = displayText + value.Nombre + ', ';
});
document.getElementById("puntos").value = displayText.slice(0,-2);
</text>
}
}
Given your concrete example, I would start by reducing the number of <text> blocks needed by instead just wrapping the shorter C# bits with #{ … }. This improves readability & lessens confusion. For example:
var listPuntos =[];
function onSelect(e) {
var dataItem = this.dataSource.view()[e.item.index()];
#{ var proveedorID = 0; }
proveedorID = dataItem.ProveedorID;
#{ var list = new UnitOfWork().PuntosVentaProveedorRepository.Get().Where(x => x.ProveedorID == proveedorID); }
proveedorID = 0;
listPuntos = #Json.Encode(list);
var displayText;
$.each(listPuntos, function (key, value) {
if (displayText == undefined)
displayText = value.Nombre + ', ';
else
displayText = displayText + value.Nombre + ', ';
});
document.getElementById("puntos").value = displayText.slice(0,-2);
}
Next, to inject a C# value into JavaScript code being emitted by the server, you need to encode the value in JavaScript. The best way to do this is to convert it into JSON. This is done above using Json.Encode. In particular, the line reading:
listPuntos = #Json.Encode(list);
I've used Json.Encode but of course you are free to use whatever JSON library du jour that fits your project.
you should separate html code and javascript code.
First at all, don't call any server code from View when View is loading. Push all necessary arrays etc via model property in appropriate format (i.e. in json format) and then fill any client list from value of that property.
Secondly - move code like it :
var displayText;
$.each(listPuntos, function (key, value) {
if (displayText == undefined)
displayText = value.Nombre + ', ';
else
displayText = displayText + value.Nombre + ', ';
});
document.getElementById("puntos").value = displayText.slice(0,-2);
to appropriate section, like it:
#section scripts
{
<script>
.....
</script>
}

capturing a specific value from a cookie javascript

I have a cookie set up which has data stored in the following format:
{"g":"776","f":"88876","hit":"true","TESTVALUE":"this is the value i want to capture"}
I want to capture "TESTVALUE" in its own variable.
I am using this script to actually capture the cookie data (where the cookie is called "chocolateChip":
var getCookie = function (name) {
var re = new RegExp(name + "=([^;]+)");
var value = re.exec(document.cookie);
return (value != null) ? unescape(value[1]) : null;
} // code indentation
var cookie = getCookie(chocolateChip);
Im then using the following script to pass the "testvalue" string to its own variable:
var test = cookie.TESTVALUE;
However this does not seem to work.
The cookie value is a JSON string, which you need to parse to get an actual JS object.
Try this:
var cookie = getCookie(chocolateChip);
var test = JSON.parse(cookie).TESTVALUE;
Or, if you need to access more properties:
var cookie = getCookie(chocolateChip);
var cookieObject = JSON.parse(cookie);
var testValue = cookieObject.TESTVALUE;

How to parse data via url and retrive with javascript

I went through sb code and wants to implement similar code. he used:
htmlItems += '<li><a href="show-feed.html?url=' + items[i].url + '">' +
items[i].name + '</a></li>';
and used this javascript code to retrive the url and parse to a method
.on('pageinit', '#show-feed-page', function () {
var url = this.getAttribute('data-url').replace(/(.*?)url=/g, '');
Application.initShowFeedPage(url);
it works well and i want to parse three values to the method eg
<a href="showProduct.html?code='+ items[i].code +',name='+items[i].name+',price='+items[i].price+'">"and need code to retrive and parse to a method
initShowProductPage(code,name,price);
First of all, your html is wrong, you have to prepare proper query string format, the updated html mark up is:
<a href="showProduct.html?code='+ items[i].code +
'&name='+items[i].name+'&price='+items[i].price+'">"
You have to access window.location.href and parse it for the query string parameters.You can write a method which parses the url, like below:
function parseURL() {
var vars = [];
var hashes = window.location.href.slice( window.location.href.indexOf('?')+1 ).split("&");
for (var i=0;i<hashes.length;i++) {
hash = hashes[i].split("=");
vars.push( hash[0] );
vars[ hash[0] ] = hash[1];
}
return vars;
}
Then you can access them using code, name and price parameters like below:
.on('pageinit', '#show-feed-page', function () {
var hashObj = parseURL();
// To get code
var code = hashObj["code"];
// To get name
var name = hashObj["name"];
// To get price
var price = hashObj["price"];
// Now call the method
initShowProductPage(code,name,price);
});

Storing query string parameters in session cookie

I have the need to store users initial query string parameters during their stay on a webpage. I decided to parse the query string parameters and stick them in a session cookie so when I have code that needs the initial query parameters I call the cookie.
This seems to not always work, esp in IE. Can anyone give me some suggestions? I thought maybe to store it in the dom storage but I'm not sure if that is the right approach.
The code lives in my page header and is accessible on all the pages of the site.
Here is what I put together:
var urlParams;
(window.onpopstate = function () {
var match,
pl = /\+/g,
search = /([^&=]+)=?([^&]*)/g,
decode = function (s) { return decodeURIComponent(s.replace(pl, " ")); },
query = window.location.search.substring(1);
urlParams = {};
while (match = search.exec(query))
urlParams[decode(match[1])] = decode(match[2]);
})();
function set_cookie(name, value) {
var cookie = [name, '=', JSON.stringify(value), '; domain=.', window.location.host.toString(), '; path=/;'].join('');
document.cookie = cookie;
}
function read_cookie(name) {
var result = document.cookie.match(new RegExp(name + '=([^;]+)'));
result && (result = JSON.parse(result[1]));
return result;
}
if(read_cookie('tbts') === null){
set_cookie('tbts', urlParams);
}
var urlParamsCookie = read_cookie('tbts');
You don't specify which version of IE, but according to Can I Use, popstate isn't available until IE10.

jQuery redirect to source url

I would like to redirect a user to a target URL on a button click. The target URL is variable and has to be read from the current page URL parameter 'source':
For instance, I have a url http://w/_l/R/C.aspx?source=http://www.google.com
When the user clicks on a button he's being redirect to http://www.google.com
How would I do that with jQuery?
first of all you need to get the url param : source
this can be done with a function like :
function GetParam(name) {
return decodeURI(
(RegExp(name + '=' + '(.+?)(&|$)').exec(location.search)||[,null])[1]
);
}
// you can use it like
var source = GetParam('source');
//then
window.location.href = source
On button click handler, just write window.location.href = http://www.google.com
You will need to parse the query string to get the value of the variable source.
You don't need jQuery for it.
A simple function like this will suffice:
function getFromQueryString(ji) {
hu = window.location.search.substring(1);
gy = hu.split("&");
for (i = 0; i < gy.length; i++) {
ft = gy[i].split("=");
if (ft[0] == ji) {
return ft[1];
}
}
}
location.href = getFromQueryString("source");
Using the url parsing code from here use this to parse your url (this should be included once in your document):
var urlParams = {};
(function () {
var e,
a = /\+/g, // Regex for replacing addition symbol with a space
r = /([^&=]+)=?([^&]*)/g,
d = function (s) { return decodeURIComponent(s.replace(a, " ")); },
q = window.location.search.substring(1);
while (e = r.exec(q))
urlParams[d(e[1])] = d(e[2]);
})();
Then do this to redirect to the source parameter:
window.location.href = urlParams["source"];
Since you are using the jQuery framework, I'd make use of the jQuery URL Parser plugin, which safely parses and decodes URL parameters, fragment...
You can use it like this:
var source = $.url().param('source');
window.location.href = source;
get url params : (copied from another stackoverflow question) :
var params= {};
document.location.search.replace(/\??(?:([^=]+)=([^&]*)&?)/g, function () {
function decode(s) {
return decodeURIComponent(s.split("+").join(" "));
}
params[decode(arguments[1])] = decode(arguments[2]);
});
window.location = params['source'];
You can do like this,
<a id="linkId" href=" http://w/_l/R/C.aspx?source=http://www.google.com">Click me</a>
$('#linkId').click(function(e){
var href=$(this).attr('href');
var url=href.substr(href.indexof('?'))
window.location =url;
return false;
});

Categories

Resources