Confirmation pop up without on click.

Javascript coding ..

Moderators: macek, egami, gesf

anakramli
New php-forum User
New php-forum User
Posts: 1
Joined: Wed Feb 29, 2012 8:27 pm

Confirmation pop up without on click.

Postby anakramli » Wed Feb 29, 2012 8:34 pm

Hi all..

im doing my practical work. i encounter a problem whereby.

i need to check some action first before allowing confirmation box appear..

thus i cant use
<input type="submit" value="Delete User" name="delete" id="delete" style=" font:11px Verdana; border-color:SteelBlue; border-width:2px; border-style:solid; width:100px"/>

delete button onclick function..

when the user click delete i have to make some validation..
if its true then only proceed to

confirmation box.. asking.. do you want to delete selected users.

i only use simple java script function

function confirmation() {
var answer = confirm("Are you sure to delete?")
if (answer)
{
return true;
}
else
{
return false;

}
}


now im trying to get the return value...if returned true then only i ll delete data from database.


please enlighten me a bit............. :help:

TheProdigyGuy
New php-forum User
New php-forum User
Posts: 215
Joined: Wed Dec 07, 2011 5:25 pm

Re: Confirmation pop up without on click.

Postby TheProdigyGuy » Sat Mar 03, 2012 1:34 pm

Hello anakramli.

Code: Select all

<?php

echo '<input type="button" name="deleterecord" id="deleterecord" onclick="if(confirm(\'               Warning!\nYou are About delete *Room Number*\nAre you Sure?\')) {return location.replace(\'?deleteval=' .$obfuscatedid . '\');}else{return false;}" value="Delete This Number" /><br>' . PHP_EOL;

?>


So, as you can see i'm using button input type (not submit which does POST request)
Using button input type in fact your script will do GET request which is a bit "unsafe way"
Also all your client side validation will fail(in this case) if some one directly calls your script like:
/me.php?deleteval=1
Obviously no confirmation will appear in this case.

As you can see for prevent prone to CSRF attack i'm obfuscating my deleteval value $obfuscatedid

Then on accepting query when /my.php?deleteval=HEREGOESOBFUSCATEDDATA
i'm decrypting it using my simple algorithm.

You can use that way too but make sure you know what you are doing in bit safely manner.

Also note that when accepting and after decrypting my.php?deleteval=[imabout this]
do your enoght type casting(this works awesome if you deal with integers
$accepted=(int)$decrypted_data_which_comes_deleteval;

Hope it helps.


Return to “JavaScript”

Who is online

Users browsing this forum: No registered users and 1 guest

cron