Board index   FAQ   Search  
Register  Login
Board index php forum :: HTML JavaScript
Print view

Confirmation pop up without on click.

Javascript coding ..

Moderators: macek, egami, gesf

Post a reply

Confirmation pop up without on click.

Postby anakramli » Wed Feb 29, 2012 8:34 pm

Hi all..

im doing my practical work. i encounter a problem whereby.

i need to check some action first before allowing confirmation box appear..

thus i cant use
<input type="submit" value="Delete User" name="delete" id="delete" style=" font:11px Verdana; border-color:SteelBlue; border-width:2px; border-style:solid; width:100px"/>

delete button onclick function..

when the user click delete i have to make some validation..
if its true then only proceed to

confirmation box.. asking.. do you want to delete selected users.

i only use simple java script function

function confirmation() {
var answer = confirm("Are you sure to delete?")
if (answer)
{
return true;
}
else
{
return false;

}
}


now im trying to get the return value...if returned true then only i ll delete data from database.


please enlighten me a bit............. :help:
anakramli
New php-forum User
New php-forum User
 
Posts: 1
Joined: Wed Feb 29, 2012 8:27 pm
Top

Re: Confirmation pop up without on click.

Postby TheProdigyGuy » Sat Mar 03, 2012 1:34 pm

Hello anakramli.

Code: Select all
<?php

echo '<input type="button" name="deleterecord" id="deleterecord" onclick="if(confirm(\'               Warning!\nYou are About delete *Room Number*\nAre you Sure?\')) {return location.replace(\'?deleteval=' .$obfuscatedid . '\');}else{return false;}" value="Delete This Number" /><br>' . PHP_EOL;

?>


So, as you can see i'm using button input type (not submit which does POST request)
Using button input type in fact your script will do GET request which is a bit "unsafe way"
Also all your client side validation will fail(in this case) if some one directly calls your script like:
/me.php?deleteval=1
Obviously no confirmation will appear in this case.

As you can see for prevent prone to CSRF attack i'm obfuscating my deleteval value $obfuscatedid

Then on accepting query when /my.php?deleteval=HEREGOESOBFUSCATEDDATA
i'm decrypting it using my simple algorithm.

You can use that way too but make sure you know what you are doing in bit safely manner.

Also note that when accepting and after decrypting my.php?deleteval=[imabout this]
do your enoght type casting(this works awesome if you deal with integers
$accepted=(int)$decrypted_data_which_comes_deleteval;

Hope it helps.
TheProdigyGuy
New php-forum User
New php-forum User
 
Posts: 215
Joined: Wed Dec 07, 2011 5:25 pm
Top
Post a reply

Return to JavaScript

Who is online

Users browsing this forum: No registered users and 1 guest

Sponsored by Sitebuilder Web hosting and Traduzioni Italiano Rumeno and antispam for cPanel.

Powered by phpBB® Forum Software © phpBB Group
© Supernova Style by Boardtalk.net Originally by Christian Bullock