Overclock.net › Forums › Software, Programming and Coding › Coding and Programming › Web Coding › Actually using jQuery?
New Posts  All Forums:Forum Nav:

Actually using jQuery? - Page 3

post #21 of 50
Quote:
Originally Posted by CynicalUnicorn View Post

Changing
Code:
displayInfo(search);

to
Code:
displayInfo(eval(search));

works perfectly. I'll link a zip folder or something, or possibly just copy and paste the text when I finish this and tell you what is JS, CSS, and HTML, when I finish.

DO NOT USE EVAL!!!

It's dangerous. If a third-party's code injects a function (as a string) on the page, your eval will execute it with 'first-party' permissions which causes problems because it can access things that you and the user may not want seen or manipulated (and makes social engineering attack easier too). Instead, do something like:
Code:
var final,
    inString = "abcde";

inString = "[" + inString + "]";

//this is much safer as the built-in JSON.parse() function cannot eval non-JSON javascript
final = JSON.parse(inString);

//in your case, it would be (assuming your search is a properly formatted JSON object)
displayInfo(JSON.parse(search))
post #22 of 50
Thread Starter 
For this project, there is no risk to using eval as there is nothing of any "significance," I suppose, that can be hacked. However, for anything that requires both client-side manipulation and security, I would not use it. Is JSON's just a derivative of Javascript or an "extra layer" of stuff? So like a .php file is just an .html file with PHP elements, .json is JavaScript with additional "stuff"?
Triumvirate
(20 items)
 
Osmium
(8 items)
 
For Sale: [FS] Z97 system: Xeon and RAM
$160 (USD) or best offer
CPUMotherboardRAMHard Drive
AMD A10-7870K ASRock FM2A88X-ITX+ G.Skill Ripjaws X - 2x4GB @ 2400MT/s Samsung 840 120GB 
CoolingOSPowerCase
Evercool EC-HPS-810CP Windows 7 Pro 64-bit PicoPSU-120-WI-25 Mini-Box M350 
  hide details  
Reply
Triumvirate
(20 items)
 
Osmium
(8 items)
 
For Sale: [FS] Z97 system: Xeon and RAM
$160 (USD) or best offer
CPUMotherboardRAMHard Drive
AMD A10-7870K ASRock FM2A88X-ITX+ G.Skill Ripjaws X - 2x4GB @ 2400MT/s Samsung 840 120GB 
CoolingOSPowerCase
Evercool EC-HPS-810CP Windows 7 Pro 64-bit PicoPSU-120-WI-25 Mini-Box M350 
  hide details  
Reply
post #23 of 50
No JSON is a data type, but its more of a data structure like an object array. I use it a lot. Very usefull for cross-domin-access stuff.

Inside JS you can use these as a variable And accessing it looks nicer and cleaner.
Code:
//Javascript Code

Var bob  = {
    "glossary": {
        "title": "example glossary",
                "GlossDiv": {
            "title": "S",
                        "GlossList": {
                "GlossEntry": {
                    "ID": "SGML",
                                        "SortAs": "SGML",
                                        "GlossTerm": "Standard Generalized Markup Language",
                                        "Acronym": "SGML",
                                        "Abbrev": "ISO 8879:1986",
                                        "GlossDef": {
                        "para": "A meta-markup language, used to create markup languages such as DocBook.",
                                                "GlossSeeAlso": ["GML", "XML"]
                    },
                                        "GlossSee": "markup"
                }
            }
        }
    }
}

XML of the same structure.
Code:
<!DOCTYPE glossary PUBLIC "-//OASIS//DTD DocBook V3.1//EN">
 <glossary><title>example glossary</title>
  <GlossDiv><title>S</title>
   <GlossList>
    <GlossEntry ID="SGML" SortAs="SGML">
     <GlossTerm>Standard Generalized Markup Language</GlossTerm>
     <Acronym>SGML</Acronym>
     <Abbrev>ISO 8879:1986</Abbrev>
     <GlossDef>
      <para>A meta-markup language, used to create markup
languages such as DocBook.</para>
      <GlossSeeAlso OtherTerm="GML">
      <GlossSeeAlso OtherTerm="XML">
     </GlossDef>
     <GlossSee OtherTerm="markup">
    </GlossEntry>
   </GlossList>
  </GlossDiv>
 </glossary>


Edited by Mrzev - 3/7/14 at 2:10pm
Zev's Comp
(15 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5-2500K Sandy Bridge 3.3GHz GIGABYTE GA-Z68X-UD3H-B3 LGA 1155 Intel Z68 HDM... GeForce GTX 750 Ti G.SKILL Ripjaws X Series 8GB 
Hard DriveHard DriveHard DrivePower
1TB HDD 64GB SSD (Used for SRT) 500 GB. Antec BP550 Plus 550W Continuous Power ATX12V V... 
Case
COOLER MASTER ELITE 335 RC-335-KKN1-GP Black S... 
  hide details  
Reply
Zev's Comp
(15 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5-2500K Sandy Bridge 3.3GHz GIGABYTE GA-Z68X-UD3H-B3 LGA 1155 Intel Z68 HDM... GeForce GTX 750 Ti G.SKILL Ripjaws X Series 8GB 
Hard DriveHard DriveHard DrivePower
1TB HDD 64GB SSD (Used for SRT) 500 GB. Antec BP550 Plus 550W Continuous Power ATX12V V... 
Case
COOLER MASTER ELITE 335 RC-335-KKN1-GP Black S... 
  hide details  
Reply
post #24 of 50
Quote:
Originally Posted by CynicalUnicorn View Post

For this project, there is no risk to using eval as there is nothing of any "significance," I suppose, that can be hacked. However, for anything that requires both client-side manipulation and security, I would not use it. Is JSON's just a derivative of Javascript or an "extra layer" of stuff? So like a .php file is just an .html file with PHP elements, .json is JavaScript with additional "stuff"?
http://json.org/

JSON is a standardized stringified JS object without any functions (thus the built-in JSON object in ECMAscript 5). In short, it's a way of transferring data and a fundamental of current AJAX. While all JSON is valid JS, not all JS is valid JSON.
Code:
//my JSON file. Notice that you need to quote the keys
//you also can't include comments
//undefined, NaN, etc are written as null
//the only types allowed are number, string, true, false, null, objects, and arrays
{
  "item1": 1,
  "item2": "string",
  "item3": [
    "nested",
    "array",
    "withNestedObject",
    {
      "key": 5,
      "key2": 6
    }],
  "item4": {
    "nested": true,
    "object": true
    "infiniteRecursion": [
        "is",
        "allowed,
      [1, 2, 3, 4, 5]
      ]},
  "final": null
}

If I did an XMLhttpRequest for the above JSON from the server, I could then assign it to a variable as follows
(MDN on XMLHttpRequest)
Code:
var request = new XMLHttpRequest;
//this executes when the file is fully loaded
request.onload = function () {
  var data = JSON.parse(request);
}
request.open("get", "/path/to/source", true);
request.send():

//or if you use jQuery
$.ajax({
  url: "/path/to/source"
  dataType: "json"
}).done(data) {
  //do stuff with data
);

//you can now access the JSON as though it were a regular object. for example

data.item1; //returns 1
data.item4.infiniteRecursion[2][4]; //returns 5
if (!data.final) {
  data.final = true;
}

doSomething(data.item3.withNestedObject[1]);

note: I *could* embed a script tag to make the request like below, but it's problematic because of asynchronous loading, dynamic data creation (RESTful web sites can generate a custom JSON in response to requests -- for example, if you were to search the site, it could return the result without redirecting you to a new page), and naming (if you load a new script with the same name, it overwrites the old one)
Code:
var elem = document.createElement('script');
elem.setAttribute("src", "/path/to/source");
document.body.appendChild(elem);
//note that this requires the script file to be something
var jsonName = {json: "here"};

EDIT: Looks like Mrzev beat me to the punch.
Edited by hajile - 3/7/14 at 2:41pm
post #25 of 50
Quote:
Originally Posted by CynicalUnicorn View Post

For this project, there is no risk to using eval as there is nothing of any "significance," I suppose, that can be hacked. However, for anything that requires both client-side manipulation and security, I would not use it. Is JSON's just a derivative of Javascript or an "extra layer" of stuff? So like a .php file is just an .html file with PHP elements, .json is JavaScript with additional "stuff"?
That's not quite true either. While it's quite common for those who are new to PHP to build sites with static HTML content and a few PHP elements thrown in, you'll find that larger / professional sites will go the complete opposite direction and have pure PHP in the .php files and the HTML bits in a separate templates file (the principle of which is typically referred to as 'MVC'). The idea being that you're separating the different languages and code stacks
post #26 of 50
Quote:
Originally Posted by CynicalUnicorn View Post

For this project, there is no risk to using eval

Huge mistake. There's always a risk to using eval no matter how good you think you are.
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
post #27 of 50
Quote:
Originally Posted by tompsonn View Post

Huge mistake. There's always a risk to using eval no matter how good you think you are.

Once you learn the "power" of eval you'll be tempted to use it again later when you want a quick and dirty workaround. Best to avoid it even for academic purposes.
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
post #28 of 50
Quote:
Originally Posted by randomizer View Post

Once you learn the "power" of eval you'll be tempted to use it again later when you want a quick and dirty workaround. Best to avoid it even for academic purposes.

I always avoid it for code optimisation purposes because eval blocks cannot be pre-compiled with the rest of the code.
post #29 of 50
I think that's only a secondary disadvantage smile.gif
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
post #30 of 50
Quote:
Originally Posted by randomizer View Post

I think that's only a secondary disadvantage smile.gif

That depends on your criteria.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Web Coding
Overclock.net › Forums › Software, Programming and Coding › Coding and Programming › Web Coding › Actually using jQuery?