Trying to parse webpage using php - javascript

I am trying to parse a webpage and print out a table which is on the webpage. I am using php_simple_html dom parser. However, when I try to parse the table off the webpage, all the javascript commands to output the table get turned into comments within the php:
<html>
<script type="text/javascript" src="jquery.js"></script>
<?php
include 'crawling/simple_html_dom.php';
$html = file_get_html('http://uiucfreefood.com/');
$ret = $html->find('body', 0)->find('div', 10)->find('table',0); //gets to the table tag
echo $ret; // nothing is echoed out because the original webpage uses jscript commands to write the table to the page but these commands get turned to comments for some reason.
?>
</html>
When I inspect the element of the page where I am echoing the parsed information I am able to see that the table tag with all the info is in there but the jscript commands have been turned into comments. Is there a way for me to just grab the info and echo it out myself? I tried adding another ->find('tbody'); at the end of the parse command but it doesn't do anything. Any advice is appreciated. Thanks.
EDIT: You can try this code out yourself if you download the simple_html_dom.php and include it in your php file. Source: http://sourceforge.net/projects/simplehtmldom/files/
EDIT: Just noticed something really important. The javascript commands are commented out in the original webpage also. Instead, the original webpage is using a javascript function to print out the table which I do not have defined. Writing that function myself should fix the issue.
EDIT: yup, that worked.

Try using file_get_content instead of get HTML and see if that works. Honestly, depending on your needs, you should code your own parser. It is not that hard to write a parser for the table scan and display.
You will just need the following;
$array = split("<table>", $content);
$boolPlaceHolder = false;
and you can then set the placeholder to true when you encounter this way you can scan through the chars of the content and grab the table.
Hope this helps.

Related

I want to insert a piece of javascript code with php values in wordress admin(I tried wp_enque and wp_register)?

I created a very simple plugin in that I need to have a javascript variable.
var submit_url = <?php echo "some plugin url from functions"; ?>
I don't want to place it in the same view file. I check with both wp_enque and wp_register both of them used only to insert files not piece of script
please correct me if I am wrong about wp_enque and wp_register
I don't want to place it in the same view file, I checked that I can enter manually in wp-admin/admin-header.php.
Is there any other better way of doing that coz we have not changed anything inside wp-admin so far.

Echo the src value of an iframe on a page

If I have a file called 'index.php' and this file contains a lot of HTML lines...
Also (index.php) have this iframe:
<iframe src="http://test.com" />
How I can use PHP to get the src which is "http:/test.com" ... so it will be like that:
$getiframesrc=THE_CODE_WHICH_I_WANT_SOMEONE_TO_TELL_ME_ABOUT_IT;
And I can easily echo the src of the iFrame by echo $getiframesrc;
For example: If I want to make a browser using PHP, I want the URL Address Box's text to be the value of the iframe src (THIS IS ONLY AN EXAMPLE!!!)
So, please guys tell me what should be :
"THE_CODE_WHICH_I_WANT_SOMEONE_TO_TELL_ME_ABOUT_IT" .
EDIT: $getiframesrc will be in index.php too!
And thanks :-)
you can use ajax and jquery to get the src value then send it to the php file
Jquery
$(document).ready(function(){
var vidsrc = $("#iframeid").attr("src");
$.post( "index.php", { videosource: vidsrc });
});
index.php
if (isset($_POST["videosource"]))
{
$videosource = $_POST["videosource"];
// code to be excuted
}
Here's a working example -- and make sure you close your <iframe> tag.
$('button').click(function(){
var src = $('iframe').attr('src');
alert( src );
});
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>
<button>Read iframe src</button>
<iframe src="http://test.com"></iframe>
To re-use the src variable elsewhere on the page, just declare it outside the $('button').click(function() function -- or even outside the $(document).ready() fn.
EDIT:
To get the variable data to PHP... By the time the javascript runs, the DOM has been rendered. PHP has finished execution and will not run again on that page.
So, what to do? How to get the variable into PHP? You have two choices:
(1) Use a form - When submitting a form, the data is sent to the PHP file specified in the action= attribute on the <form> opening tag:
<form action="your_secondary_php_file.php" method="post">
Downside to a form is that user is navigated away from the page, or (at the very least) the page is refreshed.
(2) Use AJAX. AJAX (very simple, not to worry) will send your data to a back-end PHP file, the PHP file can do something with that data, and then it can (optionally) send new data/HTML/text/whatever back to the AJAX code block.
Advantage of using AJAX - will not refresh or move away from the current page. All user-entered data remains as is, and you can pro-grammatically receive data back from the PHP side and dynamically update the page with the new data. Magic by another name.
This answer contains some simple examples of AJAX.
Firstly, thank you very much #gibberish ( gibberish ) for your answer, it's the best answer for me and I'm using it now :-) .
I figured out how to do that with PHP (thanks for #gibberish to help, because his example helped me.) - But sorry :/ I can't say how I did that because it's very hard coded (everything is manual in that) ... so I will simplify it and post the answer :-)
Next to the #gibberish answer, we can use PHP GET variable and set the iFrame src with it.
Example:
PHP Part in index.php :
<?php
$iframesrc=$_GET['iframesrc'];
?>
HTML Part in index.php :
<iframe src=<?php echo $iframesrc; ?>></iframe>
And then we can access http://Mysite.tld/index.php?iframesrc=http://test.com ;)
So now, I can code well - like that:
if($iframesrc !=="http://test.com")
{
//code
}

Printing PHP script as plain text using jquery

I am trying to create a preview HTML division wherein I face a challenge.
When I try to get code from the textarea and print it in the HTML, I could not see the PHP code. Here's are my codes,
HTML Where the code from textarea will be printed
<pre id='pques'></pre>
jQuery code that will take value from textarea and put in the above HTML pretty print area:
jQuery(document).ready(function($) {
setInterval(function(){
$("#pques").html($("#eques").val());
}
});
Value inside the textarea with id=eques
What will be the output of the following php code?
<div class="code"><?php $num = 1; $num1 = 2; print $num . "+". $num1 ; ?> </div>
Someone kindly help me to achieve this. I want somewhat similar functionality to the stack overflow question preview stuff.
Thank you.
The simplest way to do this is to escape the angle brackets in the PHP open and closing tags as HTML entities:
<?php .. ?> becomes <?php ... ?> - PHP will not treat this as server code and will ignore it, but the browser will display < as < and > as >. This way you don't need JavaScript to do it, you can print it directly to the page. I would advise always HTML encoding any PHP code that is input on your site, and storing it with entities rather than executable code.
As you use jquery, you can achieve this as described here
This will escape the brackets as #kallum-tanton already pointed out.

Prevent Sql Injection but show posted data as it is on the page

I am building this application in Codeigniter PHP where i have many forms and grids.
But Issue right now i am facing is very critical regarding security.
When i post data using Ajax, i usually try to get it in controller like this
$this->input->post('someInputValueName');
but with the above statement anyone can write this below script and that script can be saved in the database as it is.
<script type="javascript"> alert('Hello World'); </script>
So when that data is shown in page, this above script is not shown as it is, instead it gets executed??
So i tried like this
mysql_real_escape_string($this->input->post('someInputValueName');
but with the above mysql method, \ slashes are added to the " and ', so this is the final result that is added to database and is shown in pages.
<script type=\"javascript\"> alert(\'Hello World\'); </script>
Cuz of which in the grid i start getting error, and my grid stopped populating cuz jquery thought it is error.
Now Coming to my Question, How is it possible that whatever user writes to input in database that input data should be saved as it is(or anyother way dosent matter) but when that data is called to show on grid or in page it should show as it is and should not be executed or try to execute on page?
Like in facebook comments if i post the above script line, it don't gets executed. it just displays as it is in the comment without any additional slashes.
Try this function:
http://php.net/manual/de/function.htmlentities.php
looks like it fits for your needs
you can use the XMP tag.
because XMP ignores HTML tags and entities
so
<XMP><script type="text/javascript"> alert('Hello World'); </script> aa</XMP>
will output exactly what you want.
Snippet
<XMP><script type="text/javascript"> alert('Hello World'); </script> aa</XMP>
more info about it is Here
Note : code and pre tags won't work for your cause.

Display Javascript/Html/PHP as text

I am trying to display code on a webpage, just as text, for the user to view. The code snippet is obtained from a database, input using a form, and put in a div using PHP. Jquery is then used to replicate the html of that div in another element. The code from the database will never be executed; I am basically just making notes.
Code example: alert('Hello'); (could be PHP or html)
What is the best way of displaying this as text, in my browser?
Filter it somehow using PHP as it is input using a form.
Use of HTML tags (pre, xmp tags, CDDATA).
Convert special characters with some javascript function.
combination of the above.
Example of use below.
PHP
$inputQuery="SELECT x FROM y";
$input = mysqli_query($dbc,$inputQuery);
$row = mysqli_fetch_array($input);
//no issues above, just used to clarify the issue. If $input is javascript code, the below doesn't work.
echo'
<div id="inputCode">'.$row["x"].'</div>';
JAVASCRIPT/JQUERY
var inputCode = $("#inputCode").html();
$( "#displayInputCode").html(inputCode);
Use htmlentities() to convert all the HTML special characters to entities, so they won't be executed:
echo'
<div id="inputCode">'.htmlentities($row["x"]).'</div>';
For HTML you can use htmlentities() which would protect against malicious data like <script> tags that include bad stuff; and for PHP you're already fine since echo'ing PHP code does not execute it (and browsers doesn't execute PHP code either).
Example code :
echo '<div id="inputCode">'.htmlentities($row["x"]).'</div>';

Categories

Resources