Changes

Jump to: navigation, search

BTC640/ProcessingAjax

2,794 bytes added, 08:38, 25 July 2013
Spy on User Example
It's nasty stuff (don't do this for your clients) but shows you how much power Ajax gives you as the website owner.
 
My PHP script looks like this:
 
<pre><?php
 
if (isset($_GET["k"]) && isset($_GET["v"]))
{
$file = fopen("logs/log.txt", "a");
if ($file === FALSE)
{
echo "Failed to open file for writing\n";
return;
}
 
fwrite($file, date(DATE_RFC822) . ": " . $_SERVER['REMOTE_ADDR'] . ": " . $_GET["k"] . ":" . $_GET
["v"] . "\n");
echo "Log done\n";
}
else
echo "Wrong parameters given";
?>
</pre>
 
Note that none of the echos will show up anywhere in the calling webpage if it's done by an Ajax call, unless the javascript that made the call decides to do something with the returned data. In this case I don't need to.
 
And my client-side code:
 
<pre>
<script type="text/javascript">
function setup()
{
document.onmousedown = mousedown;
//~ document.onmousemove = mousemove;
document.onmouseup = mouseup;
document.oncopy = copy;
//~ document.onkeydown = keydown;
}
 
function mousedown(event)
{
//~ alert("down at" + event.clientX + "x" + event.clientY);
logStuff("mousedown", event.clientX + "x" + event.clientY);
}
function mousemove(event)
{
//~ alert("move to " + event.clientX + "x" + event.clientY);
logStuff("mousemove", event.clientX + "x" + event.clientY);
}
function mouseup(event)
{
//~ alert("up at" + event.clientX + "x" + event.clientY);
logStuff("mouseup", event.clientX + "x" + event.clientY);
}
function copy(event)
{
//~ alert("copied " + window.getSelection());
logStuff("copy", window.getSelection());
}
function keydown(event)
{
if(event.ctrlKey && event.keyCode == 67)
alert("ctrl+c " + window.clipboardData);
}
function logStuff(event, data)
{
var xmlhttp = new XMLHttpRequest();
xmlhttp.onreadystatechange = function()
{
//alert(xmlhttp.readyState + " " + xmlhttp.status);
if (xmlhttp.readyState == 4 && xmlhttp.status == 200)
{
alert(xmlhttp.responseText);
}
}
// This won't work on newer browsers because of a security restriction:
xmlhttp.open("GET", "http://littlesvr.ca/spy/spy.php?k=" + event + "&v=" + data);
// But this will:
xmlhttp.open("GET", "spy.php?k=" + event + "&v=" + data);
xmlhttp.send();
//alert('sent ' + "spy.php?k=" + event + "&v=" + data)
}
</script>
</pre>
== Resources ==
= Lab =
still Create a PHP page with an HTML button. # When the button is pressed an Ajax request will be made to the server (the same or a different PHP file).# The server will generate a random number using the rand() function and send the result back to comethe client.# The client will display that number somewhere on the page== Submit == * Leave your PHP scripts on the server.* Submit to moodle (lab7) the same php script(s)* In the comments for the submission - mention where on the server I can find your working page.

Navigation menu