473,288 Members | 1,710 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes and contribute your articles to a community of 473,288 developers and data experts.

Hide JavaScript code from the client

1
This is the only working way to completely hide your JavaScript code from the client just like PHP or ASP code.

Here we'll need the help of PHP. Here is the code:
index.php
__________________________________________________ ______
Expand|Select|Wrap|Line Numbers
  1. <?PHP
  2.     @session_start(); //Start our session.
  3.     if(@!session_is_registered('PrintTheJavaScript')){ //If the session is not registered (and it's not).
  4.         @session_register('PrintTheJavaScript'); //Register the session.
  5.     } // End if(@!session_is_registered('Pri...
  6.     $_SESSION["PrintTheJavaScript"] = true; //Set the session value to TRUE.
  7. ?>
Expand|Select|Wrap|Line Numbers
  1. <html>
  2. <head>
  3. <meta http-equiv="Content-Type" content="text/html; charset=windows-1256" />
  4. <title>Hide Javascript Code</title>
  5. <!--Here we call our Javascript page the first time it'll provide us with our javascript code -->
  6. <script language="javascript" src="./javascript.php"></script>
  7. <!--
  8. We call the same page again AND THIS IS SECOND PART OF THE TRICK.
  9. because after we called it the first time it will set the session value to FALSE which mean it will print NOTHING
  10. -->
  11. <script language="javascript" src="./javascript.php"></script>
  12. </head>
  13.     Try to save this page or go straight from your browser to the (javascript.php) page<br>
  14.     and see if you can get my javascript code.<br>
  15.     YOU'LL NEVER CAN.
  16. <body>
  17. </body>
  18. </html>
__________________________________________________ ___________

javascript.php
__________________________________________________ ___________
Expand|Select|Wrap|Line Numbers
  1. <?php
  2. /*
  3.      ___________________________________________________________
  4.     |                                                                                                        |
  5.     |    Script name: Hide Javascript Code.                                                        |
  6.     |    Script date: 16/12/2007                                                                    |
  7.     |    Script author: Mahr Bakr                                                                        |
  8.     |                        admin@SOLAV.com                                                        |
  9.     |    Script goal: Hiding the javascript code from the client like PHP & ASP        |
  10.     |    Script license: Free for personal and commercial.                                    |
  11.     |    *******************************************************    |
  12.     |    Keep this note or at least point to me as the author of the script            |
  13.     |    *******************************************************    |
  14.     /___________________________________________________________\
  15.  
  16. */
  17.     @session_start(); //Start our session.
  18.     header("Cache-Control: no-store, no-cache"); //Tell the browser to not cache this page (don't store it in the internet temp folder).
  19.     header("Content-type: text/javascript"); //Let the browser think that this is a Javascript page.
  20.     //If the session value is TRUE that means the client has opened the main page (which creates our session and sets its value to TRUE).
  21.     if ($_SESSION["PrintTheJavaScript"] == true){
  22.         //Now we can print our javascript code using PHP's echo command.
  23.         echo '
  24.         // Here is our hidden javascript source.
  25.         var Something="This is a real hidden Javascript code";
  26.         alert(Something);
  27.         // End of our hidden javascript source.
  28.         ';
  29.     }else{
  30.         //If the client tried to open the page straight from the browser (he is trying to see our hidden code).
  31.         // Print some fake code or don't print anything.
  32.     }
  33.     //Set the session value to false AND THIS IS FIRST PART OF THE TRICK.
  34.     //because we are going to call this page again and it'll print nothing (because $_SESSION["PrintTheJavaScript"] <> TRUE)
  35.     //so even if the client tried to SAVE the page this page will be saved empty.
  36.     $_SESSION["PrintTheJavaScript"] = false;
  37. ?>
See if you can get my JavaScript code. You'll never be able to. I hope this will help all of you.
Dec 16 '07 #1
47 65157
acoder
16,027 Expert Mod 8TB
Interesting. I don't know if this is completely foolproof, but this has been asked for in the past and someone may find it useful (even if just to please the boss!). Thanks for posting.
Dec 29 '07 #2
I've figured out how to bypass this. Period.

khattam.khattam[â+ +he Râ+e 0f]Gmâ!1[d0t]çöm
Jan 7 '08 #3
acoder
16,027 Expert Mod 8TB
I've figured out how to bypass this. Period.
Care to post how?

I personally think it's futile attempting to hide JavaScript from the client anyway. Any security/password code should be on the server-side. The rest of the code may be brilliant, but there's someone out there who's probably written better code and is giving it for free.
Jan 7 '08 #4
Care to post how?

I personally think it's futile attempting to hide JavaScript from the client anyway. Any security/password code should be on the server-side. The rest of the code may be brilliant, but there's someone out there who's probably written better code and is giving it for free.

I personally think that hiding such a script is impossible, because the browser needs to know the script to run... and the code needs to be retrieved.. So even if they make it more secure then anyone with the most basic knowledge of how browser sends the code can easily make an app to view the code.

Anyways, for this case, here's how you can do this in different browsers:

Opera:

Open the page containing the hidden js script http://khoya.atwebpages.com/fakejs/index.php Stop executing scripts for the page.... And reload the page

Then open the location http://khoya.atwebpages.com/fakejs/javascript.php

You will see the hidden JS code.

Firefox:

Disable Javascript. Open the page containing the hidden js script http://khoya.atwebpages.com/fakejs/index.php

Then open the location http://somesite.com/somepath/javascript.php

You will see the hidden JS code.

Other Browsers:

I don't use IE and other browsers, but it should work the same way as it does on Opera and Firefox.

Disable Javascript, and then open the index page or the site containing the script in your browser eg. http://khoya.atwebpages.com/fakejs/index.php Then open the location http://khoya.atwebpages.com/fakejs/javascript.php You will see the hidden JS code.

Any Browser:

Also, you can do this from any browser: Navigate to http://khoya.atwebpages.com/fooljs/index.php

Then enter the http://khoya.atwebpages.com/fakejs/index.php , i.e. the site containing the script and then enter http://khoya.atwebpages.com/fakejs/javascript.php on the 2nd box which is the php containing the hidden script.

Then submit and then you can see the code in a textarea that you can copy.

However, this was a gud attempt, which can certainly scare n00bs away!!
Jan 7 '08 #5
acoder
16,027 Expert Mod 8TB
Good stuff. As simple as you like!
Jan 7 '08 #6
gits
5,390 Expert Mod 4TB
I personally think it's futile attempting to hide JavaScript from the client anyway. Any security/password code should be on the server-side. The rest of the code may be brilliant, but there's someone out there who's probably written better code and is giving it for free.
that's really true :) ... the combination of html/css/javascript is a open-source combination per se ... and there is no reason why somebody should hide his javascript-code only for this simple idea ... we get nearly everything from the web itself to build pages, apps whatever for it ... and we should return the favour back to it and its users/developers ... besides that i think there is no reliable way to hide js-code :) ... i'm aware of the requirement that some things have to be hidden ... especially business logic or authentication- and other security or business-relevant things ... but this is a challenge for the developer ... to make a good architecture that makes use of the server- and clientside in a manner that justifies all requirements ... so the client simply shouldn't handle security-relevant things ... and when it wouldn't be security or business relavant ... why hide it then? have a look at that bunch of javascript-frameworks ... even good or bad ones ... you may always use them for free ... and you may extend, modify them or whatever ... and the guys who developed them certainly spent a lot of time for it ... but it is free! i really think ... everything that is coded with javascript is open source ... not only technically but has also to be considered so!!! ... if you don't want it ... make it serverside and don't publish it ... since you cannot avoid publishing/deploying the code :) ... may be with the current ajax-wave in webdevelopment there might be a chance that browsers may be extended to handle js-code in a compiled way or something like that in the future ... but i didn't ever hear about that idea nor i think that this should be done :)
Jan 8 '08 #7
hdanw
61
Care to post how?

I personally think it's futile attempting to hide JavaScript from the client anyway. Any security/password code should be on the server-side. The rest of the code may be brilliant, but there's someone out there who's probably written better code and is giving it for free.

There can't always be someone better, THere has to be a best somewhere.

There are several reasons to hide code.

Keeping your patents profitable are one of them.

Keeping data sources safe are another.

I have seen web sites that had the View->source button disabled .

Wish I had bookmarked it, becuase when I started looking for how to do that no-one seems to know.
Feb 1 '08 #8
acoder
16,027 Expert Mod 8TB
There can't always be someone better, THere has to be a best somewhere.
I meant for the people who usually ask these sorts of questions.

There are several reasons to hide code.

Keeping your patents profitable are one of them.

Keeping data sources safe are another.
If you want to keep anything safe, leave it on the server side. As for the actual code, you can make the job harder for anyone who wants to copy by obfuscating or encryting/encoding it.
Feb 2 '08 #9
gits
5,390 Expert Mod 4TB
Keeping your patents profitable are one of them.
then don't publish them to the client ... writing javascript code is ALWAYS publishing the code to the client, since the code has to be interpreted by the browser ...

Keeping data sources safe are another.
this is a very simple architecture-issue - again!: don't publish security relevant things to the client ... don't embed sql, passwords, usernames in javascript-code!! even when using ajax you should build a secure server-application that allow you to call the nessecary services without the need of publishing sensitive data!

I have seen web sites that had the View->source button disabled .
so i would simply have to look at the downloaded tempory web-files where everybody could have a look at your code ... even everybody could change it ... so it is simply not reliable to rely on javascript-code for the reasons you mentioned ... so simply don't use it for that!

of course you could make it harder for users to read the javascript-code ... but you cannot avoid it ... it IS not reliable and everybody should be aware of it ... use the technology that suits the requirements ... a Database for storing data, serverside scripting/coding to connect a webfrontend with the database ... and use clientside scripting with javascript to enhance usability but don't code business-logic here!

kind regards
Feb 4 '08 #10
hdanw
61
then don't publish them to the client ... writing javascript code is ALWAYS publishing the code to the client, since the code has to be interpreted by the browser ...

kind regards
I have a situation where I have a lot of processor intensive code, that Can be run on the client side, but I don't want to expose the algo.

Would you recomend a downloadable executable that also processes the web content?

If so, aren't we talking about a Hibred Web Browser? Why don't we build one?

It would be real simple to include a client key in the browser information, that could be used to encrypt "locked" code in php, or asp.net.

The code is then deencrypted on the client and ran while locking the source to prying eyes.

Again its only as safe as keeping the encryption algorithms hush hush, changing them periodically, etc..

I was told once that someone had an active x plug in that would hide code. I went to his site, and not having the active X control, had no problems emailing his code back to him.
Feb 4 '08 #11
acoder
16,027 Expert Mod 8TB
I have a situation where I have a lot of processor intensive code, that Can be run on the client side, but I don't want to expose the algo.
Is it just the algorithm that you want to hide?

Would you recomend a downloadable executable that also processes the web content?

If so, aren't we talking about a Hibred Web Browser? Why don't we build one?

It would be real simple to include a client key in the browser information, that could be used to encrypt "locked" code in php, or asp.net.

The code is then deencrypted on the client and ran while locking the source to prying eyes.

Again its only as safe as keeping the encryption algorithms hush hush, changing them periodically, etc..
There are ways to encrypt, but that would still require the decrypting code to be seen.

I was told once that someone had an active x plug in that would hide code. I went to his site, and not having the active X control, had no problems emailing his code back to him.
There are some IE-only 'solutions'.
Feb 7 '08 #12
Kelicula
176 Expert 100+
There are also methods for hiding the purpose of the code, from the client through obfuscation.

Example:
Expand|Select|Wrap|Line Numbers
  1. var e;function q(){
  2. for(w=0;w<e.length;w++){
  3. var yhtegfr = e.substr(0, 3);
  4. var uhytf= e.substr(yhtegfr, -1);
  5. if(x<23){
  6. setTimeout(window.status=uhytf,2000);
  7. x--;
  8. }else{tegf();x--}
  9. }}
  10. e="abcdefghijklmnop";//qrstuvwxyz";
  11. function tegf(){
  12. document.write("hello\n");
  13. }
  14. var x=100;q();
  15. // Crazy head ache of a script...
  16.  
  17.  
All it does is write hello to the screen 16 times..
Feb 12 '08 #13
acoder
16,027 Expert Mod 8TB
There are also methods for hiding the purpose of the code, from the client through obfuscation.
You can do better than that ;) But, I take your point. However, unless you have something which converts nice, clean code into ugly, obfuscated code, you're the one that's going to suffer if you need to change anything.
Feb 13 '08 #14
Kelicula
176 Expert 100+
You can do better than that ;) But, I take your point. However, unless you have something which converts nice, clean code into ugly, obfuscated code, you're the one that's going to suffer if you need to change anything.
That is true.

Yeah I just through that together real quick, but you got the idea.
Feb 13 '08 #15
Anybody think this obfuscator could be reliable? http://www.stunnix.com/prod/jo/javascript-obfuscator-overview.shtml

I haven't needed nor used an obfuscator before. My client's requirement is for my javascript to be 100% safe. Is server-side coding the only 100% safe method for preventing code viewing in browsers?
Feb 17 '08 #16
Kelicula
176 Expert 100+
Anybody think this obfuscator could be reliable? http://www.stunnix.com/prod/jo/javascript-obfuscator-overview.shtml

I haven't needed nor used an obfuscator before. My client's requirement is for my javascript to be 100% safe. Is server-side coding the only 100% safe method for preventing code viewing in browsers?
Yes. The only 99% safe way is server-side.
I say 99% because even then, it's hackable.

But no matter how obfuscated it gets theres always someone that can crack it.


Of, course that's just my opinion.
Feb 17 '08 #17
acoder
16,027 Expert Mod 8TB
Yes. The only 99% safe way is server-side.
I say 99% because even then, it's hackable.

But no matter how obfuscated it gets theres always someone that can crack it.


Of, course that's just my opinion.
My opinion too and of many others more knowledgeable than us ;)
Feb 18 '08 #18
acoder
16,027 Expert Mod 8TB
I haven't needed nor used an obfuscator before. My client's requirement is for my javascript to be 100% safe.
When you say 100% safe, do you mean that it's safe from prying eyes? Why does it need to be hidden? See some of the comments earlier (if you haven't already).
Feb 18 '08 #19
hsriat
1,654 Expert 1GB
IE supports something called Jscript-encode. But its major drawback is that it won't run on any browser other than IE.
Feb 22 '08 #20
gits
5,390 Expert Mod 4TB
IE supports something called Jscript-encode. But its major drawback is that it won't run on any browser other than IE.
not even that ... its reverse engineered too :) look here

kind regards
Feb 22 '08 #21
hsriat
1,654 Expert 1GB
not even that ... its reverse engineered too :) look here

kind regards
Yeah I read that! Poor IE guys! :D
Feb 22 '08 #22
gits
5,390 Expert Mod 4TB
as it was mentionied more then one time ... the browser has to interpret the javascript code and so in any way the code it to be transfered to the browser ... there is always a method to see the code ... as you might even see on the comments on your linked page. the only reliable way to hide those code from the client which really needs to be hidden is to avoid that code in javascript - and btw. how should your method hide something? the url is just a php script and in chromium i just need to click 'view page source' and then click the links to retrieve the code that is served from the php script:

here is the js:
Expand|Select|Wrap|Line Numbers
  1. $(document).ready(function () {  
  2.     $(".imgnorm").mouseover(function(){
  3.         var id = $(this).attr("id");
  4.         $("#largeimg"+id).fadeIn('medium');
  5.  
  6.     $(".imgzoom").mouseout(function(){
  7.         $("#largeimg"+id).fadeOut('medium');
  8.     });
  9.     })
  10. });
and here the start of the css:
Expand|Select|Wrap|Line Numbers
  1. * {
  2. margin: auto;
  3. padding:0;
  4. }
  5. div.fluid {
  6. width: 100% !important;
  7. }
  8. body {
  9.     margin: 0px;
  10.     padding: 0px;
  11.     font-family: Gotham Black, Arial, Helvetica, Calibri, sans-serif;
  12.     font-size: 14px;
  13.     line-height: 140%;
  14.     color:#333333;
  15.     background: url('http://valajionetworks.com/images/bg.gif');
  16.     background-repeat: repeat;
  17.     background-attachment: fixed;
  18. }
  19. .page_body {
  20. min-width:10px;
  21. max-width:900px;
  22. background:#ffffff;
  23. border:5px solid #8DA6C5;
  24. padding:10px;
  25. }
  26.  
i suppose if would use firebug or other common dev extenions i would just need to have a look at the script, css sections to see the used directives ... this is due to the technology ... the name clientside code is for a reason ... the code is to be executed at the client and therefor must be located there somehow ... no matter how tricky you serve it ... but it IS there and thus can be read, copied, pasted and so on ...
Mar 25 '10 #23
@SOLAV
that was a clever one , but when u put function instead of var inside it , it wont work, why?
Apr 29 '10 #24
@Kelicula
where to put the hidden code?
Apr 29 '10 #25
acoder
16,027 Expert Mod 8TB
@mehxxran
That is the code. There's no need to hide it. It's obfuscated, so the purpose of the code and how it produces what it does is "hidden". Of course, it's not really hidden, but it makes it a lot more difficult for someone to try to work out which parts to copy. You shouldn't be using it to hide sensitive information.
Apr 30 '10 #26
as far as i understood till now , the one who want to steal the obfuscated code , just simply copy and paste it on his site, no matter how difficult is to see the code, and also after that you were talking about making it safe by server , can u explain about that method too?
Apr 30 '10 #27
acoder
16,027 Expert Mod 8TB
Basically, put information you wish to hide on the server. Don't publish it on the client no matter what type of obfuscation you may use.
May 2 '10 #28
hii!!, by using this code above im having an error.
Expand|Select|Wrap|Line Numbers
  1. <!DOCTYPE html>
  2.  
  3. <html>
  4. <head>
  5.  
  6. <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
  7. <script type="text/javascript" src="https://cdn.emailjs.com/dist/email.min.js"></script>
  8.  
  9.  
  10.     <?PHP
  11.         @session_start(); //Start our session.
  12.         if(@!session_is_registered('PrintTheJavaScript')){ //If the session&nbsp;is not registered (and it's ;not).
  13.             @session_register('PrintTheJavaScript'); //Register ;the session.
  14.         } // End if(@!session_is_registered('Pri...
  15.         $_SESSION["PrintTheJavaScript"] = true; //Set the session&nbsp;value to TRUE.
  16.     ?>
  17.  
  18.  
  19.     <link rel="icon" type="icon" href="assets/pics/favicon.ico">
  20.     <link rel="stylesheet" href="https://www.w3schools.com/w3css/4/w3.css" />
  21.     <link rel="stylesheet" type="text/css" href="assets/css/style.css" />
  22.     <meta name="viewport" content="width=device-width, initial-scale=1" />
  23.     <meta charset="utf-8" />
  24. <script type="text/javascript" src="javascript.php"></script>
  25. <script type="text/javascript" src="javascript.php"></script>
  26. <?php
  27.     echo "<script>alert('good')</script>";
  28.   echo "<script src='js/formfilled.js'></script>"; 
  29.     ?>
  30.     <title>yirus world</title>
  31.     <style type="text/css">
  32.         .content {
  33.   padding: 16px;
  34. }
  35.  
  36. .sticky {
  37.   position: fixed;
  38.   top: 0;
  39.   width: 100%;
  40.   left: 0%;
  41.  
  42. }
  43.  
  44. .sticky + .content {
  45.   padding-top: 102px;
  46. }
  47.     </style>
  48. </head>
  49. <body class="w3-mobile">
  50.  
  51.  
  52.     <div id="container">
  53.     <div class="w3-wrapper w3-container" id="myHeader">
  54.  
  55.             <div class="w3-black sticky " id="myHeader" style="margin: auto;">
  56.                 <center>
  57.                     <a href="#" class="w3-bar-item w3-button  w3-center">Home</a>
  58.                     <a href="#" class="w3-bar-item w3-button  w3-center">Posts</a>
  59.                     <a href="#" class="w3-bar-item w3-button  w3-center">Practice place</a>
  60.                     <a href="#" class="w3-bar-item w3-button  w3-center">My Projects</a>
  61.                     <a href="assets\others\about.html" class="w3-bar-item w3-button  w3-center">about me</a>
  62.                     <a href="#" class="w3-bar-item w3-button  w3-center">Contact me</a>
  63.  
  64.                 </center>
  65.             </div>
  66.             <div class="w3-div" style="width:100%; height: 480px; border: 4px solid black;" >
  67.                 <a href="index.html">    <h1 class="hide-text">Yirus world</h1>
  68.         <h1 class="hide-text" >virus world</h1>
  69.         <h1 class="hide-text">virus</h1>
  70.         <h1 class="hide-text">khushit shah</h1>
  71.         <h1 class="hide-text">VIRUS</h1>
  72.         <h1 class="hide-text">virus protection</h1>
  73.         <h1 class="hide-text">hacking</h1>
  74.         <h1 class="hide-text">hacking protection </h1>
  75.         <h1 class="hide-text">hacker world</h1>
  76.         <h1 class="hide-text">hacked.com</h1>
  77.         <h1 class="hide-text">Yirus world.com</h1>
  78.         <h1 class="hide-text">virus world.com</h1>
  79.         <h1 class="hide-text">*.com & * *.*.in</h1></a>
  80.                 <img src="assets/pics/1.jpg" class="w3-image" style="width: 100%; height:473px; padding-bottom: 0px;">
  81.             </div>
  82.  
  83.             <div class=" w3-grey content">
  84.  
  85.                 <div class="recent-posts" ondblclick="redirect('assets\\posts\\yirus-for-restarting.html');">
  86.                     <h2 class="posts-headings">Virus for restarting pc forever</h2>
  87.                     <div class="disclaimer">
  88.                         <h3>
  89.                             DISCLAIMER:-
  90.                         </h3 >
  91.                         <p class="disclaimer-content">
  92.                         Content posted in this website is for education purpose only.
  93.                         Misuse of the content is not our resposiblity at all.
  94.                         </p>
  95.  
  96.                     </div>
  97.                         <p>
  98.                         If you are new over here then please first have a read at.        
  99.                         <a href="posts\making-a-virus.html">
  100.                         Making a virus:-                
  101.                         </a>
  102.                         </p>
  103.                         <div class="index-posts" ondblclick="redirect('assets\\posts\\yirus-for-restarting.html');">
  104.                                 <p>This virus is to restart a pc forever as the pc turn on it will restart the pc.
  105.                                 </p>
  106.                                 <p>
  107.                                     To build it first of all open Notepad and write following code in it>
  108.                                         <br><code class="code">@echo off
  109.                                                     <br> shutdown -r -t "30" -c "Your pc has been hacked"
  110.                                         </code>
  111.                                         <p>
  112.                                         <a href="posts\yirus-for-restarting.html" class="read-more">(read more)</a>
  113.                                         <p>
  114.                                 </p>
  115.                         </div>
  116.                 </div>
  117.  
  118.  
  119.  
  120.             </div>
  121.             <div class="w3-footer w3-container w3-black">
  122.                     <center><p>
  123.                         Content in this website is for educational purpose only misuse of content is not over responsiblity
  124.                     </p>
  125.                     copyrighted &copy;  Yirus world     
  126.                 </center>
  127.             </div>
  128.     </div>
  129.     <div class="w3-container w3-grey content">
  130. <form id="myform" method="post">
  131. <label>name</label>
  132. <input type="text" name="name" />
  133. <label>email</label>
  134. <input type="text" name="email" />
  135. <label>from_name</label>
  136. <input type="text" name="from_name" />
  137. <label>message</label>
  138. <input type="text" name="message" />
  139. <br><br>
  140. <button ></button>
  141. Send
  142. </button>
  143. </form>
  144. </div>
  145. </div>
  146.  
  147. <script>
  148.  
  149. var myform = $("form#myform");
  150. myform.submit(function(event){
  151.     event.preventDefault();
  152.  
  153.   // Change to your service ID, or keep using the default service
  154.   var service_id = "default_service";
  155.   var template_id = "template_Tw7cPE5l";
  156.  
  157.   myform.find("button").text("Sending...");
  158.   emailjs.sendForm(service_id,template_id,"myform")
  159.       .then(function(){ 
  160.         alert("Sent!");
  161.        myform.find("button").text("Send");
  162.     }, function(err) {
  163.        alert("Send email failed!\r\n Response:\n " + JSON.stringify(err));
  164.        myform.find("button").text("Send");
  165.     });
  166.   return false;
  167. });
  168. </script>
  169. <script>
  170. $(function(){
  171. $('body > div:last-child:not(#container)').remove();
  172.  
  173. });
  174. </script>
  175. </body>
  176. </html>
ERROR is--

Fatal error: Uncaught Error: Call to undefined function session_is_registered() in /storage/ssd1/533/5142533/public_html/index.php:10 Stack trace: #0 {main} thrown in /storage/ssd1/533/5142533/public_html/index.php on line 10

I have no expirence in php i just used this to hide my sensitive javascript can anyone make me understansd what is wrong


JAVASCRIPT.PHP
Expand|Select|Wrap|Line Numbers
  1. <?php
  2. /*
  3.      ___________________________________________________________
  4.     |                                                                                                        |
  5.     |    Script name: Hide Javascript Code.                                                        |
  6.     |    Script date: 16/12/2007                                                                    |
  7.     |    Script author: Mahr Bakr                                                                        |
  8.     |                        admin@SOLAV.com                                                        |
  9.     |    Script goal: Hiding the javascript code from the client like PHP & ASP        |
  10.     |    Script license: Free for personal and commercial.                                    |
  11.     |    *******************************************************    |
  12.     |    Keep this note or at least point to me as the author of the script            |
  13.     |    *******************************************************    |
  14.     /___________________________________________________________\
  15.  
  16. */
  17.     @session_start(); //Start our session.
  18.     header("Cache-Control: no-store, no-cache"); //Tell the browser to not cache this page (don't store it in the internet temp folder).
  19.     header("Content-type: text/javascript"); //Let the browser think that this is a Javascript page.
  20.     //If the session value is TRUE that means the client has opened the main page (which creates our session and sets its value to TRUE).
  21.     if ($_SESSION['PrintTheJavaScript'] == true){
  22.         //Now we can print our javascript code using PHP's echo command.
  23.         echo '
  24.          <script>alert("good php hide javascript code is working");</script>
  25.         ';
  26.     }else{
  27.         echo '<script>alert("oops!");</script>';
  28.     }
  29.     //Set the session value to false AND THIS IS FIRST PART OF THE TRICK.
  30.     //because we are going to call this page again and it'll print nothing (because $_SESSION["PrintTheJavaScript"] <> TRUE)
  31.     //so even if the client tried to SAVE the page this page will be saved empty.
  32.     $_SESSION["PrintTheJavaScript"] = false;
  33. ?>
ERROR IN THIS is
it print the following....
<script>alert("oops!");</script>
Mar 26 '18 #29
gits
5,390 Expert Mod 4TB
don't bother with that - did you read the entire thread? it doesn't hide it - you only cant see it directly in the page-source. There is no reliable way to hide javascript code from the client - since it has to be delivered to the client, interpreted and executed - else the javascript code wouldn't even have a purpose. the point is to only have that in the javascript code what is not sensitive - its useless to even try such - its just useless overhead with no success in providing any kind of security of something in that code.
Mar 27 '18 #30
pls visit samy.pl he is hiding his entire code how
Mar 27 '18 #31
Taro
4
samy.pl
/code/no.js
Expand|Select|Wrap|Line Numbers
  1. function disableclick(event){if(event.button==2)return false;}
  2. document.onmousedown=disableclick;
and it's all? nothing more interesting?
Mar 27 '18 #32
gits
5,390 Expert Mod 4TB
this doesn't hide anything - it just disables the right click on that document. so open the developer tools of a browser and see the complete code there - its pointless to try such as stated many times already in this thread - since you cannot have success - its simply how webpages with javascript have to work - it cannot be prevented to deliver the javascript code to the client - thus it is not protectable. its interpreted code - even if you obfuscate or somehow encode it - its at the client and thus decodable - it just makes no sense to try it - its pointless overhead. Putting anything into javascript that would need protection is just plain wrong architecture of the application - period.
Mar 28 '18 #33
You are right he disabled right click but when you try to see the code through following method see what happens.
view-source:https://samy.pl. Pls reply
Mar 28 '18 #34
gits
5,390 Expert Mod 4TB
well - i dont want to post all the code of that mentioned page here - may be its enough to post the names of the included javascript files in that page when the reload cant work correctly:

jquery.min.js
animatedcollapse.js
baffle.min.js
no.js (for whatever reason this is loaded 2x)
code.js
mc-validate.js
dc.js

in line 741 of the source of the (rendered) page is:

Expand|Select|Wrap|Line Numbers
  1. e.preventDefault();
so - as i said - its pointless to try. basically the right click is disabled and its checking whether the devtools are opened and does a reload all time unless its closed again. it took 5min to find a way to still view the code in the devtools anyway by just using another method of inspecting. As i said more then once already - it is NOT secure to put any sensitive things into clientside code of a webpage - no matter what someone will try - the technology itself requires it to be at the client and thus can be revealed by a consumer of the page in any case. You can make it harder - but never secure.
Mar 28 '18 #35
I'm sorry git. Still you are giving the code of http://samy.pl/code
But u are not giving code of view-source:samy.pl you can visite at view-source:samy.pl
Expand|Select|Wrap|Line Numbers
  1.  
  2. <!------------------------------------------------------------------------------
  3.  ! Welcome to samy.pl.
  4.  !
  5.  ! In the various pages, you'll find benign code execution,
  6.  ! seemingly invasive data exfiltration (that remains local
  7.  ! to your machine and never reaches my system) and various
  8.  ! innocuous challenges. Have fun!
  9.  !
  10.  ! -samy kamkar
  11.  !------------------------------------------------------------------------------>
  12. <html><head>
  13.     <META NAME="Description" CONTENT="samy kamkar's open source code, applied hacking, projects, hardware, videos, press, talks, blog, email address, and other infectious technology.">
  14.     <META NAME="keywords" CONTENT="samy kamkar, applied hacking, code, evercookie, usbdriveby, skyjack, lockpicking, master lock, keysweeper, combobreaker, combo breaker, quickjack, myspace, proxygambit, proxmark3, pwnat, clickjacking, xss, hacker, nat pinning, geolocation, android, google, iphone, packets, radio, rtl-sdr, hackrf, im-me, imme, arduino, teensy, poisontap, magspoof, ownstar, rolljam, raspberry pi, drones">
  15.     <title>samy kamkar - home</title>
  16. </head>
  17. <body>
  18. <script src="/load.js">/* No source for you! Easter egg #5 */</script>
  19. </body></html>
  20.  
  21.  
  22.  
  23.  
Mar 28 '18 #36
Rabbit
12,516 Expert Mod 8TB
All you need to do is turn on the IE console and it shows this code that's run when the site is first loaded.

Expand|Select|Wrap|Line Numbers
  1. if(!window.$)(s=(z=document).getElementsByTagName(x="script")[0]).parentNode.insertBefore(z.createElement(x),s).src="//ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js";
  2. (function(){if(typeof window.CustomEvent==="function")return false;
  3. function CustomEvent(event,params){params=params||{bubbles:false,cancelable:false,detail:undefined};
  4. var evt=document.createEvent("CustomEvent");
  5. evt.initCustomEvent(event,params.bubbles,params.cancelable,params.detail);
  6. return evt}CustomEvent.prototype=window.Event.prototype;
  7. window.CustomEvent=CustomEvent})();
  8. (function(){"use strict";
  9. var devtools={open:false,first:true,orientation:null};
  10. window.lq=devtools;
  11. var threshold=160;
  12. var emitEvent=function(state,orientation,eventname){if(!eventname)eventname="devtoolschange";
  13. window.dispatchEvent(new CustomEvent(eventname,{detail:{open:state,orientation:orientation}}))};
  14. setInterval(function(){var widthThreshold=window.outerWidth-window.innerWidth>threshold;
  15. var heightThreshold=window.outerHeight-window.innerHeight>threshold;
  16. var orientation=widthThreshold?"vertical":"horizontal";
  17. if(!(heightThreshold&&widthThreshold)&&(window.Firebug&&window.Firebug.chrome&&window.Firebug.chrome.isInitialized||widthThreshold||heightThreshold)){if(!devtools.open||devtools.orientation!==orientation){emitEvent(true,orientation);
  18. if(lq.first){lq.first=false;
  19. emitEvent(true,orientation,"firstevent")}}devtools.open=true;
  20. devtools.orientation=orientation}else{if(devtools.open){emitEvent(false,null);
  21. if(lq.first){lq.first=false;
  22. emitEvent(false,null,"firstevent")}}devtools.open=false;
  23. devtools.orientation=null}},1e3);
  24. if(typeof module!=="undefined"&&module.exports){module.exports=devtools}else{window.devtools=devtools}})();
  25. var ua=navigator.userAgent.toLowerCase();
  26. var msie=ua.indexOf("msie")>-1;
  27. if(!msie&&navigator.appName=="Netscape"&&ua.indexOf("trident/")>-1)msie=true;
  28. var safari=ua.indexOf("chrome")>-1;
  29. var chrome=ua.indexOf("safari")>-1;
  30. var firefox=ua.indexOf("firefox")>-1;
  31. function dc(event){if(event.button==2){alert("You found Easter Egg #12!");
  32. return false}}document.onmousedown=dc;
  33. var delay=150;
  34. var MyDesktop;
  35. var currentChar=0;
  36. var destination="[not defined]";
  37. var text="";
  38. var fb=0;
  39. function type(){if(document.getElementById){var dest=document.getElementById(destination);
  40. if(dest){if(text.substr(currentChar,1)=="\n")dest.innerHTML=dest.innerHTML+"<br>";
  41. else dest.innerHTML=dest.innerHTML+text.substr(currentChar,1);
  42. currentChar++;
  43. if(currentChar==text.length){}else if(currentChar<text.length){setTimeout(function(){type()},delay+Math.floor(Math.random()*delay))}}}}function startTyping(textParam,destinationParam){if(text)text+="\n";
  44. text+=textParam;
  45. var ndiv=document.createElement("div");
  46. destination="dest2";
  47. ndiv.id=destination;
  48. if(document.getElementById(destinationParam))document.getElementById(destinationParam).appendChild(ndiv);
  49. type()}var iw=0;
  50. var og,ob;
  51. function loadcodewin(){if(iw++>500)return;
  52. var d=document.getElementById("x-desktop").style;
  53. var o=function(evt){if(!evt.gamma&&!evt.beta){evt.gamma=-(evt.x*(180/Math.PI));
  54. evt.beta=-(evt.y*(180/Math.PI))}var overThreshold=Math.abs(evt.gamma)>8||Math.abs(evt.beta)>8;
  55. og=evt.gamma;
  56. ob=evt.beta;
  57. var gamma=overThreshold?og:0;
  58. var beta=overThreshold?ob:0;
  59. if(this._lastGamma!=gamma||this._lastBeta!=beta){var x=Math.round(1.5*gamma);
  60. var y=Math.round(1.5*beta);
  61. d.left=x.toString()+"px";
  62. d.top=y.toString()+"px";
  63. d.WebkitTransition=d.Transition="all .5s linear";
  64. d.transform=d.MsTransform=d.WebkitTransform=d.OTransform=d.MozTransform="rotateY("+-2*gamma+"deg) rotateX("+-2*beta+"deg)";
  65. this._lastGamma=gamma;
  66. this._lastBeta=beta}};
  67. if(window.addEventListener){window.addEventListener("deviceorientation",o,false);
  68. window.addEventListener("MozOrientation",o,false)}if(typeof MyDesktop=="undefined"||MyDesktop.modules==null||typeof MyDesktop.getModule("code-win")=="undefined"){setTimeout(function(){loadcodewin()},50)}else{MyDesktop.getModule("code-win").createWindow()}}function getFFip(){var ip;
  69. try{if(typeof java!="undefined"&&typeof java.net!="undefined"){var sock=new java.net.Socket;
  70. sock.bind(new java.net.InetSocketAddress("0.0.0.0",0));
  71. sock.connect(new java.net.InetSocketAddress(document.domain,!document.location.port?80:document.location.port));
  72. ip=sock.getLocalAddress().getHostAddress()}}catch(e){}return ip}function pwn(){var ip;
  73. loadcodewin();
  74. if(ip){startTyping("  ","terminal");
  75. startTyping("loading code into memory...","terminal");
  76. startTyping("spinning cpu for no apparent reason...","terminal");
  77. if(ip)startTyping("interrogating your local ip "+ip+"...\n","terminal");
  78. else startTyping("interrogating your system...\n","terminal")}}var ifrnum=0;
  79. var ifrs=new Array;
  80. function detectR(url,text){var ifr=document.createElement("iframe");
  81. ifrs[ifrnum]=ifr;
  82. var timer=setTimeout(function(){killifr(ifrnum)},1);
  83. ifrnum++;
  84. ifr.src=url;
  85. ifr.style.visibility="hidden";
  86. ifr.style.display="block";
  87. ifr.style.position="absolute";
  88. ifr.style.width="1px";
  89. ifr.style.height="1px";
  90. ifr.onload=function(){clearTimeout(timer);
  91. startTyping(text+"...\n","terminal")};
  92. ref.parentNode.insertBefore(ifr,ref)}function killifr(x){var ifr=ifrs[x];
  93. ifr.onload=function(){};
  94. ifr.src="javascript:void(0)";
  95. ref.parentNode.removeChild(ref)}function click(e){if(event.button==2){alert("You found Easter Egg #12!");
  96. return false}else if(document.layers&&e.which==3){alert("You found Easter Egg #12!");
  97. return false}}if(document.layers)document.captureEvents(Event.MOUSEDOWN);
  98. document.onmousedown=click;
  99. Ext.onReady(function(){new Ext.ToolTip({target:"fbw",anchor:"bottom",width:200,html:"You have nothing to worry about.",trackMouse:false})});
  100. Ext.QuickTips.init();
  101. MyDesktop=new Ext.app.App({init:function(){Ext.QuickTips.init()},getModules:function(){return[new MyDesktop.WebWindow({id:"code-win",url:"code/",name:"code",width:700,height:document.documentElement.clientHeight?document.documentElement.clientHeight-70:480}),new MyDesktop.WebWindow({id:"list-win",url:"mlist/",name:"mailing list",width:600,height:190}),new MyDesktop.WebWindow({id:"tw-win",url:"/twitter",name:"twitter (@samykamkar)",width:800,height:480}),new MyDesktop.MailWindow({id:"mail-win",url:"mailto:site@samy.pl",name:"email me",width:740,height:480})]},getStartConfig:function(){return{title:"samy kamkar",iconCls:"user"}}});
  102. MyDesktop.WebWindow=Ext.extend(Ext.app.Module,{appType:"window",init:function(){this.launcher={text:this.name,iconCls:this.iconCls||"tabs",handler:this.createWindow,scope:this}},createWindow:function(){var desktop=this.app.getDesktop();
  103. var win=desktop.getWindow(this.name+"-win");
  104. if(!win){win=desktop.createWindow({id:this.name+"-win",title:this.name,width:this.width||740,height:this.height||480,iconCls:this.iconCls||"tabs",shim:false,animCollapse:false,constrainHeader:true,layout:"fit",items:new Ext.Panel({bodyCfg:{tag:"div",cls:"x-panel-body",children:[{tag:"iframe",name:this.name,id:this.name,src:this.url,frameBorder:0,width:"100%",height:"100%",style:{overflow:"auto"}}]},region:"center"})})}win.show()}});
  105. MyDesktop.MailWindow=Ext.extend(Ext.app.Module,{init:function(){this.launcher={text:this.name,iconCls:this.iconCls||"tabs",handler:this.createWindow,scope:this}},createWindow:function(){document.location=this.url}});
  106. document.addEventListener("keydown",function(e){if(e.keyCode==123||(window.navigator.platform.match("Mac")?e.metaKey:e.ctrlKey)&&(e.keyCode==117||e.keyCode==85||e.keyCode==115||e.keyCode==83||e.keyCode==105||e.keyCode==73||e.keyCode==110||e.keyCode==78||e.keyCode==112||e.keyCode==80||e.keyCode==106||e.keyCode==74)){e.preventDefault();
  107. alert("You found Easter Egg #10!")}},false);
  108. var deb=0;
  109. var intr,_b;
  110. var timerMax=deb?2e3:500;
  111. var element=new Image;
  112. var egg8msg="No source for you! You found easter egg #8. Close the console to return to samy.pl ;
  113. )";
  114. var utm="__utmq";
  115. var firstload=1;
  116. var solecon=clone(console);
  117. function clone(obj){if(null==obj||"object"!=typeof obj)return obj;
  118. var copy=obj.constructor();
  119. for(var attr in obj)if(obj.hasOwnProperty(attr))copy[attr=="log"?"go":attr]=obj[attr];
  120. return copy}function al(x){if(!deb)return;
  121. solecon.go(x)}function rmbody(){al("rm1");
  122. if(readCookie(utm)==2)return;
  123. al("rm2");
  124. createCookie(utm,2,365*10);
  125. location.reload(true)}function noconsole3(){al("NOC3");
  126. noconsole()}function noconsole2(){al("NOC2");
  127. noconsole()}function noconsole(){al("noc1");
  128. if(readCookie(utm)==1)return;
  129. al("noc2");
  130. createCookie(utm,1,365*10);
  131. location.reload(true)}function egg8log(){if(msie)solecon.go(egg8msg);
  132. else solecon.go("%c"+egg8msg,"background: black;
  133.  color: #00ff00;
  134.  font-size: x-large;
  135. ")}if(window.location.href.indexOf("noint")==-1){if(readCookie(utm)!=1){al("ngood");
  136. var noconyet=0;
  137. var threshold=160;
  138. var widthThreshold=window.outerWidth-window.innerWidth>threshold;
  139. var heightThreshold=window.outerHeight-window.innerHeight>threshold;
  140. var orientation=widthThreshold?"vertical":"horizontal";
  141. if(!(heightThreshold&&widthThreshold)&&(window.Firebug&&window.Firebug.chrome&&window.Firebug.chrome.isInitialized||widthThreshold||heightThreshold)){if(!devtools.open||devtools.orientation!==orientation){}}else{al("n1");
  142. noconyet=1}}element.__defineGetter__("id",function(){al("dg");
  143. if(intr)clearTimeout(intr);
  144. if(!_b)rmbody();
  145. intr=setTimeout(noconsole2,timerMax*1.5)});
  146. if(chrome||safari){intr=setTimeout(noconsole3,timerMax*2);
  147. al("c||s");
  148. setInterval(function(){solecon.go(element);
  149. solecon.clear();
  150. egg8log()},timerMax)}else{al("elsec||s");
  151. window.addEventListener("devtoolschange",function(e){if(e.detail.open){rmbody();
  152. egg8log()}else{noconsole()}})}}function createCookie(name,value,days){if(days>0)eraseCookie(name);
  153. if(days){var date=new Date;
  154. date.setTime(date.getTime()+days*24*60*60*1e3);
  155. var expires=";
  156.  expires="+date.toGMTString()}else var expires="";
  157. document.cookie=name+"="+value+expires+";
  158.  path=/"}function readCookie(name){var nameEQ=name+"=";
  159. var ca=document.cookie.split(";
  160. ");
  161. for(var i=0;
  162. i<ca.length;
  163. i++){var c=ca[i];
  164. while(c.charAt(0)==" ")c=c.substring(1,c.length);
  165. if(c.indexOf(nameEQ)==0)return c.substring(nameEQ.length,c.length)}return null}function eraseCookie(name){createCookie(name,"",-1)}
  166.  
The console also shows that the following javascript files are loaded and which you can download separately if you wish to see the code in each of those js files:
Expand|Select|Wrap|Line Numbers
  1. URL    Protocol    Method    Result    Type    Received    Taken    Initiator    Wait‎‎    Start‎‎    Request‎‎    Response‎‎    Cache read‎‎    Gap‎‎
  2. /adapter/ext/ext-base.js    HTTPS    GET    200    application/javascript    32.34 KB    94 ms    <script>    296    31    47    16    0    4617
  3. /ext-all.js    HTTPS    GET    200    application/javascript    0.62 MB    78 ms    <script>    405    0    78    0    0    4524
  4. /js/StartMenu.js    HTTPS    GET    200    application/javascript    7.42 KB    78 ms    <script>    593    0    78    0    0    4336
  5. /js/TaskBar.js    HTTPS    GET    200    application/javascript    14.31 KB    31 ms    <script>    671    0    31    0    0    4305
  6. /js/Desktop.js    HTTPS    GET    200    application/javascript    3.47 KB    47 ms    <script>    702    0    47    0    0    4258
  7. /js/App.js    HTTPS    GET    200    application/javascript    2.26 KB    31 ms    <script>    749    0    31    0    0    4227
  8. /js/Module.js    HTTPS    GET    200    application/javascript    0.77 KB    31 ms    <script>    780    0    15    16    0    4196
  9. /js/jquery-1.12.4.min.js    HTTPS    GET    200    application/javascript    95.32 KB    47 ms    <script>    811    0    47    0    0    4149
  10. /js/jquery.min.js    HTTPS    GET    200    application/javascript    56.34 KB    47 ms    <script>    3666    0    47    0    0    1294
  11. /js/animatedcollapse.js    HTTPS    GET    200    application/javascript    11.98 KB    47 ms    <script>    3666    0    47    0    0    1294
  12. /js/baffle.min.js    HTTPS    GET    200    application/javascript    5.28 KB    47 ms    <script>    3666    0    47    0    0    1294
  13. /code/no.js    HTTPS    GET    200    application/javascript    0.53 KB    47 ms    <script>    3666    15    32    0    0    1294
  14. /js/code.js    HTTPS    GET    200    application/javascript    0.74 KB    32 ms    <script>    3681    0    32    0    0    1294
  15. /code/no.js    HTTPS    GET    200    application/javascript    0.53 KB    31 ms    <script>    3900    0    31    0    0    1076
  16. https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js    HTTPS    GET    200    application/javascript    139.93 KB    0.84 s    <script>    3900    296    546    0    0    265
Mar 28 '18 #37
Rabbit
12,516 Expert Mod 8TB
JavaScript, HTML, and CSS is client side code. You can use whatever techniques you want to hide or obfuscate the code but you can't get by this immutable fact: At some point the client needs to see the code so it can run the code.

At the end of the day, regardless of what technique is used, the client user can go down to the lowest level and just look at the packets being sent to their computer to see the raw data.
Mar 28 '18 #38
gits
5,390 Expert Mod 4TB
the point is - as you might see after all - someone can make it harder to look at the code - but its by any means not avoidable - and that's a fact. I really cannot understand why people still try to think they can do it - with current state of how websites and browsers work. By finding some way to prevent something - there are countless other ways that will still be open - for someone that wants to use that view-source:samy.pl method the guy who made the site obviously found a way to prevent it so that those that want to use this method are unable - because obviously they don't know anything about how to retrieve the information another way. But that's not the point - the point is to avoid the need! of that - and putting something that needs to be hidden into a website's clientside code is just wrong design.

PS: @acoder7777 - if you only know that method of viewing the sourcecode of a webpage - then your just out of luck if someone can prevent that - but as you can see - here are a minimum of 3 people in row that know other ways and did it with very little effort. So - even your question is wrong - there is no different code - no matter what method you use to look at that - its just different what you see - and what other people can see. So seen the code probably fulfilled at least the purpose of making it too hard for some people. The basic principle of how this particular script works is up there - so if you still want to do such - try coding it instead of may be copy&paste it without understanding how it really works.
Mar 29 '18 #39
Taro
4
With a little effort, you can see the source code.
View the initial source code - it's impossible to avoid, fact.
Mar 29 '18 #40
gits
5,390 Expert Mod 4TB
so you suggest to dynamically load encrypted javascript code to the client when needed? the decryption method would need to be at the client then already - and during a session somehow the javascript code would have to be decryptable by the app itself thus it can be most likely hooked into - i am not saying that there is no way to do as much effort as you wish to obfuscate something - i am saying if its sensitive information of any kind for you the clientside is the worst place to have it implemented, since it is the easiest point for someone to figure out what is in there - since he/she already has the code that in some way would need to be interpretable there. And if its not sensitive - why hide it then - it just wouldn't make sense to me. I am still standing for the fact - if you feel the need to do that for javascript code - then you did something wrong with the entire application architecture.

PS: To make my point more clear - it is not and cannot be made secure to have anything in clientside javascript code that you consider as something someone shouldn't retrieve. Obfuscation is only an option to make it harder for 'normal' people - but if its something that has a real value of some kind or is something that can be used to do bigger damage (thus has such value as well) - then it shouldn't be implemented in clientside javascript - since if someone else is finding it worth to get that value, it is retrievable from the client right away with more or less effort. On the serverside you have much better and powerful protection mechanisms - so leave such information, and whatever is valueable for you, there, and protect it there.
Mar 29 '18 #41
you are right but im 17 years old and learning all this i had made a website in which i had us emailjs (emailjs) to send email whoever had contacted me to do this i have to make my account id and all other sensitive imformation public as i dont know any of the sever-side language expect java(jsp) and i didnt wanted to write this all messy code in java..
so i waqnt to hide my sensitive imformation.


please sorry for bad english and spelling mistakes.


is there any website which can convert js to php?

thnx
Mar 29 '18 #42
Taro
4
Suppose that you can imagine a code that does not enable you to understand it. And there is no benefit from the fact that you see this code.
The use of this code will be that it will be able to deliver to the client some information that is incomprehensible to others.
The question is, do you need such a script?
Where is it reasonable to apply it?
Mar 29 '18 #43
this forms are only for practice i recieave an email about the person who had filled the form as well as the person reaceves an email this is for educational purpose only .
see it MOD:REMOVED_URL[if it contains sensitive information then it shouldnt be linked here so that many people can get those]
Mar 29 '18 #44
I FOUND A WAY TO SEE THE CODE
IN Earlier Firefox;
I Open the console before the script can load and page opens and i am able to see the code.
Expand|Select|Wrap|Line Numbers
  1.  
  2.     <!--
  3.  
  4.     --------------------------------------------------…
  5.  
  6.     -->
  7.     <html>
  8.         <head>
  9.             <title></title>
  10.             <script type="text/javascript" charset="utf-8" async="" src="https://platform.twitter.com/js/timeline.f3704eb7aa37eaac805e4960db90c894.js"></script>
  11.         </head>
  12.         <body id="ext-gen3" class=" ext-gecko ext-gecko3" oncontextmenu="return false" onload="pwn()" scroll="no">
  13.             <title></title>
  14.             <link href="resources/css/ext-all.css" type="text/css" rel="stylesheet"></link>
  15.             <link href="css/desktop.css" type="text/css" rel="stylesheet"></link>
  16.             <link href="resources/css/xtheme-slickness.css" type="text/css" rel="stylesheet"></link>
  17.             <link href="resources/css/xtheme-symphony.css" type="text/css" rel="stylesheet"></link>
  18.             <div id="allc">
  19.                 <div id="x-desktop" style="height: 0px;">
  20.                     <a class="lnk" href="mailto:code@samy.pl"></a>
  21.                     <dl id="x-shortcuts"></dl>
  22.                     <div id="terminal">
  23.                         <iframe id="twitter-widget-0" class="twitter-timeline twitter-timeline-rendered" frameborder="0" scrolling="no" allowtransparency="true" allowfullscreen="true" style="position: static; visibility: visible; display: inline-block…0px; margin-top: 0px; margin-bottom: 0px; min-height: 200px;" data-widget-id="494045919193485312" title="Twitter Timeline">
  24.                             #document
  25.                                 <html class="SandboxRoot env-bp-min">
  26.                                     <head></head>
  27.                                     <body>
  28.                                         <div class="timeline-Widget timeline-Widget--edge" lang="en" data-iframe-title="Twitter Timeline" data-twitter-event-id="0">
  29.                                             <div class="timeline-Header timeline-InformationCircle-widgetParent" data-scribe="section:header"></div>
  30.                                             <div class="timeline-Body customisable-border">
  31.                                                 <div class="timeline-Body-notification timeline-NewTweetsNotification new-tweets-bar" aria-relevant="additions" aria-atomic="false" aria-live="polite" role="alert"></div>
  32.                                                 <div class="timeline-Viewport" style="height: 507px;">
  33.                                                     <ol class="timeline-TweetList">
  34.                                                         <li class="timeline-TweetList-tweet customisable-border">
  35.                                                             <div class="timeline-Tweet timeline-Tweet--isRetweet u-cf js-tweetIdInfo" data-scribe="component:tweet" data-rendered-tweet-id="978279787461468160" data-tweet-id="978854583148695558">
  36.                                                                 <div class="timeline-Tweet-brand u-floatRight"></div>
  37.                                                                 <div class="timeline-Tweet-retweetCredit"></div>
  38.                                                                 <div class="timeline-Tweet-author js-inViewportScribingTarget">
  39.                                                                     <div class="TweetAuthor js-inViewportScribingTarget" data-scribe="component:author">
  40.                                                                         <a class="TweetAuthor-link Identity u-linkBlend" aria-label="Brit Bennett (screen name: britrbennett)" href="https://twitter.com/britrbennett" data-scribe="element:user_link">
  41.                                                                             <div class="TweetAuthor-nameScreenNameContainer">
  42.                                                                                 <span class="TweetAuthor-decoratedName">
  43.                                                                                     <span class="TweetAuthor-name Identity-name customisable-highlight" data-scribe="element:name" title="Brit Bennett"></span>
  44.                                                                                 </span>
  45.                                                                                 <span class="TweetAuthor-screenName Identity-screenName" dir="ltr" data-scribe="element:screen_name" title="@britrbennett"></span>
  46.                                                                             </div>
  47.                                                                         </a>
  48.                                                                     </div>
  49.                                                                 </div>
  50.                                                                 <p class="timeline-Tweet-text" lang="en" dir="ltr"></p>
  51.                                                                 <div class="timeline-Tweet-media">
  52.                                                                     <article class="MediaCard customisable-border" dir="ltr" data-scribe="component:card">
  53.                                                                         <div class="MediaCard-media">
  54.                                                                             <div class="MediaCard-widthConstraint js-cspForcedStyle" data-style="max-width: 351px" style="max-width: 351px">
  55.                                                                                 <div class="MediaCard-mediaContainer js-cspForcedStyle" data-style="padding-bottom: 54.7009%" style="padding-bottom: 54.7009%">
  56.                                                                                     <a class="MediaCard-mediaAsset NaturalImage NaturalImage--roundedTop NaturalImage--roundedBottom" data-scribe="element:photo" href="https://twitter.com/britrbennett/status/978279787461468160/photo/1">
  57.                                                                                         <img class="NaturalImage-image" width="351" height="192" alt="View image on Twitter" title="View image on Twitter" data-image="https://pbs.twimg.com/media/DZOMP3KVQAARdGk" src="https://pbs.twimg.com/media/DZOMP3KVQAARdGk?format=jpg&name=360x360"></img>
  58.                                                                                     </a>
  59.                                                                                 </div>
  60.                                                                             </div>
  61.                                                                         </div>
  62.                                                                     </article>
  63.                                                                 </div>
  64.                                                                 <div class="timeline-Tweet-metadata"></div>
  65.                                                                 <ul class="timeline-Tweet-actions" aria-label="Tweet actions" role="menu" data-scribe="component:actions"></ul>
  66.                                                             </div>
  67.                                                         </li>
  68.                                                         <li class="timeline-TweetList-tweet customisable-border">
  69.                                                             <div class="timeline-Tweet u-cf js-tweetIdInfo" data-scribe="component:tweet" data-rendered-tweet-id="978023617043693568" data-tweet-id="978023617043693568">
  70.                                                                 <div class="timeline-Tweet-brand u-floatRight"></div>
  71.                                                                 <div class="timeline-Tweet-author ">
  72.                                                                     <div class="TweetAuthor js-inViewportScribingTarget" data-scribe="component:author">
  73.                                                                         <a class="TweetAuthor-link Identity u-linkBlend" aria-label="Samy Kamkar (screen name: samykamkar)" href="https://twitter.com/samykamkar" data-scribe="element:user_link">
  74.                                                                             <div class="TweetAuthor-nameScreenNameContainer">
  75.                                                                                 <span class="TweetAuthor-decoratedName">
  76.                                                                                     <span class="TweetAuthor-name Identity-name customisable-highlight" data-scribe="element:name" title="Samy Kamkar"></span>
  77.                                                                                     <span class="TweetAuthor-verifiedBadge" data-scribe="element:verified_badge"></span>
  78.                                                                                 </span>
  79.                                                                                 <span class="TweetAuthor-screenName Identity-screenName" dir="ltr" data-scribe="element:screen_name" title="@samykamkar"></span>
  80.                                                                             </div>
  81.                                                                         </a>
  82.                                                                     </div>
  83.                                                                 </div>
  84.                                                                 <p class="timeline-Tweet-text" lang="en" dir="ltr">
  85.  
  86.                                                                     Amazing YouTube channel from Michel van Biezen wit…
  87.  
  88.                                                                     <a class="link customisable" data-scribe="element:url" title="https://www.youtube.com/channel/UCiGxYawhEp4QyFcX0R60YdQ" target="_blank" data-expanded-url="https://www.youtube.com/channel/UCiGxYawhEp4QyFcX0R60YdQ" dir="ltr" rel="nofollow noopener" href="https://t.co/lnPus6Wws4">
  89.                                                                         <span class="u-hiddenVisually"></span>
  90.                                                                         <span class="Tweet-complexLink"></span>
  91.                                                                         <span class="u-hiddenVisually"></span>
  92.  
  93.                                                                         …
  94.  
  95.                                                                     </a>
  96.                                                                 </p>
  97.                                                                 <div class="timeline-Tweet-media">
  98.                                                                     <div class="PrerenderedCard is-constrainedByMaxWidth is-loaded" data-scribe="component:card" data-css="https://ton.twimg.com/tfw/css/syndication_bundle_v1_2801d83f2f75998762a22055f578875d6e10fd1d.css" data-card-name="summary">
  99.                                                                         <div class="TwitterCardsGrid TwitterCard">
  100.                                                                             <script type="text/twitter-cards-serialization"></script>
  101.                                                                             <div class="TwitterCardsGrid-col--12 TwitterCardsGrid-col--spacerBottom CardContent">
  102.                                                                                 <a class="js-openLink u-block TwitterCardsGrid-col--12 TwitterCard-container TwitterCard-container--clickable SummaryCard--small" rel="noopener" href="https://t.co/lnPus6Wws4" data-card-breakpoints="w200 w150 w100 w50 " data-theme="dark">
  103.                                                                                     <div class="SummaryCard-image TwitterCardsGrid-float--prev">
  104.                                                                                         <div class="tcu-imageContainer tcu-imageAspect--1to1">
  105.                                                                                             <style></style>
  106.                                                                                             <div class="tcu-imageWrapper tcu-image-978023617043693568 js-cspForcedStyle" data-style="background-image: url(https://pbs.twimg.com/card_img/9772451…kaui1ANC?format=jpg&name=144x144_2); background-size: cover;">
  107.                                                                                                 <img class="u-block" alt="" src="https://pbs.twimg.com/card_img/977245149158891521/kaui1ANC?format=jpg&name=144x144_2"></img>
  108.                                                                                             </div>
  109.                                                                                         </div>
  110.                                                                                     </div>
  111.                                                                                     <div class="SummaryCard-contentContainer TwitterCardsGrid-float--prev"></div>
  112.                                                                                 </a>
  113.                                                                             </div>
  114.                                                                         </div>
  115.                                                                     </div>
  116.                                                                 </div>
  117.                                                                 <div class="timeline-Tweet-metadata"></div>
  118.                                                                 <ul class="timeline-Tweet-actions" aria-label="Tweet actions" role="menu" data-scribe="component:actions"></ul>
  119.                                                             </div>
  120.                                                         </li>
  121.                                                         <li class="timeline-TweetList-tweet customisable-border"></li>
  122.                                                         <li class="timeline-TweetList-tweet customisable-border"></li>
  123.                                                         <li class="timeline-TweetList-tweet customisable-border"></li>
  124.                                                         <li class="timeline-TweetList-tweet customisable-border"></li>
  125.                                                         <li class="timeline-TweetList-tweet customisable-border"></li>
  126.                                                         <li class="timeline-TweetList-tweet customisable-border"></li>
  127.                                                         <li class="timeline-TweetList-tweet customisable-border"></li>
  128.                                                         <li class="timeline-TweetList-tweet customisable-border"></li>
  129.                                                         <li class="timeline-TweetList-tweet customisable-border"></li>
  130.                                                         <li class="timeline-TweetList-tweet customisable-border"></li>
  131.                                                         <li class="timeline-TweetList-tweet customisable-border"></li>
  132.                                                         <li class="timeline-TweetList-tweet customisable-border"></li>
  133.                                                         <li class="timeline-TweetList-tweet customisable-border"></li>
  134.                                                         <li class="timeline-TweetList-tweet customisable-border"></li>
  135.                                                         <li class="timeline-TweetList-tweet customisable-border"></li>
  136.                                                         <li class="timeline-TweetList-tweet customisable-border"></li>
  137.                                                         <li class="timeline-TweetList-tweet customisable-border"></li>
  138.                                                         <li class="timeline-TweetList-tweet customisable-border"></li>
  139.                                                     </ol>
  140.                                                     <div class="timeline-LoadMore timeline-LoadMore--edge"></div>
  141.                                                 </div>
  142.                                             </div>
  143.                                             <footer class="timeline-Footer u-cf" data-scribe="section:footer">
  144.                                                 <a class="u-floatLeft" href="https://publish.twitter.com/?url=https%3A%2F%2Ftwitter.com%2Fsamykamkar" data-scribe="element:embed_url"></a>
  145.                                                 <a class="u-floatRight" href="https://twitter.com/samykamkar" data-scribe="element:twitter_url"></a>
  146.                                             </footer>
  147.                                         </div>
  148.                                     </body>
  149.                                 </html>
  150.                         </iframe>
  151.                     </div>
  152.                     <div id="ext-gen28" class="x-window-proxy" style="display: none; width: 698px; height: 556px; left: 290px; top: 20px; opacity: 0.5;"></div>
  153.                     <div id="ext-gen43" class="x-shadow" style="z-index: 9002; left: 286px; top: 3px; width: 708px; height: 558px; display: block;"></div>
  154.                     <div id="code-win" class=" x-window x-resizable-pinned" style="position: absolute; z-index: 9003; visibility: visible; left: 290px; top: 0px; width: 700px; display: block;">
  155.                         <div class="x-window-tl"></div>
  156.                         <div id="ext-gen19" class="x-window-bwrap">
  157.                             <div class="x-window-ml">
  158.                                 <div class="x-window-mr">
  159.                                     <div id="ext-gen22" class="x-window-mc">
  160.                                         <div id="ext-gen20" class="x-window-body" style="width: 686px; height: 528px;">
  161.                                             <div id="ext-comp-1009" class=" x-panel" style="width: 686px;">
  162.                                                 <div id="ext-gen30" class="x-panel-bwrap">
  163.                                                     <div id="ext-gen31" class="x-panel-body x-panel-body-noheader" style="width: 684px; height: 526px;">
  164.                                                         <iframe id="code" width="100%" height="100%" frameborder="0" style="overflow:auto;" src="code/" name="code">
  165.                                                             #document
  166.                                                                 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
  167.                                                                 <html xmlns="http://www.w3.org/1999/xhtml">
  168.                                                                     <head></head>
  169.                                                                     <body oncontextmenu="return false">
  170.                                                                         <div id="menu"></div>
  171.                                                                         <!--
  172.  
  173.                                                                          end #menu 
  174.  
  175.                                                                         -->
  176.                                                                         <div id="header"></div>
  177.                                                                         <!--
  178.  
  179.                                                                          end #header 
  180.  
  181.                                                                         -->
  182.                                                                         <div id="wrapper">
  183.                                                                             <div id="content">
  184.                                                                                 <div id="posts">
  185.                                                                                     <iframe width="100%" height="105" frameborder="0" style="padding: 10px" src="/list/nohead.html" border="0" scrolling="no">
  186.                                                                                         #document
  187.                                                                                             <html></html>
  188.                                                                                     </iframe>
  189.                                                                                     <div class="post">
  190.                                                                                         <h2 class="title">
  191.                                                                                             <a onclick="animatedcollapse.toggle('rest1');return false;" href="#"></a>
  192.                                                                                         </h2>
  193.                                                                                         <div id="rest1" style="display:none" fade="1"></div>
  194.                                                                                     </div>
  195.                                                                                     <div class="post">
  196.                                                                                         <h2 class="title">
  197.                                                                                             <a onclick="animatedcollapse.toggle('rest2');return false;" href="#"></a>
  198.                                                                                         </h2>
  199.                                                                                         <div id="rest2" style="display:none" fade="1"></div>
  200.                                                                                     </div>
  201.                                                                                     <div class="post">
  202.                                                                                         <h2 class="title">
  203.                                                                                             <a onclick="animatedcollapse.toggle('rest3');return false;" href="#"></a>
  204.                                                                                         </h2>
  205.                                                                                         <div id="rest3" style="display:none" fade="1"></div>
  206.                                                                                     </div>
  207.                                                                                     <div class="post">
  208.                                                                                         <h2 class="title">
  209.                                                                                             <a onclick="animatedcollapse.toggle('rest4');return false;" href="#"></a>
  210.                                                                                         </h2>
  211.                                                                                         <div id="rest4" style="display:none" fade="1"></div>
  212.                                                                                     </div>
  213.                                                                                     <div class="post">
  214.                                                                                         <h2 class="title">
  215.                                                                                             <a onclick="animatedcollapse.toggle('rest5');return false;" href="#"></a>
  216.                                                                                         </h2>
  217.                                                                                         <div id="rest5" style="display:none" fade="1"></div>
  218.                                                                                     </div>
  219.                                                                                     <div class="post">
  220.                                                                                         <h2 class="title">
  221.                                                                                             <a onclick="animatedcollapse.toggle('rest6');return false;" href="#"></a>
  222.                                                                                         </h2>
  223.                                                                                         <div id="rest6" style="display:none" fade="1"></div>
  224.                                                                                     </div>
  225.                                                                                     <div class="post">
  226.                                                                                         <h2 class="title">
  227.                                                                                             <a onclick="animatedcollapse.toggle('rest7');return false;" href="#"></a>
  228.                                                                                         </h2>
  229.                                                                                         <div id="rest7" style="display:none" fade="1"></div>
  230.                                                                                     </div>
  231.                                                                                     <div class="post">
  232.                                                                                         <h2 class="title">
  233.                                                                                             <a onclick="animatedcollapse.toggle('rest8');return false;" href="#"></a>
  234.                                                                                         </h2>
  235.                                                                                         <div id="rest8" style="display:none" fade="1"></div>
  236.                                                                                     </div>
  237.                                                                                     <div class="post">
  238.                                                                                         <h2 class="title"></h2>
  239.                                                                                         <div id="rest9" style="display:none" fade="1"></div>
  240.                                                                                     </div>
  241.                                                                                     <div class="post"></div>
  242.                                                                                     <div class="post"></div>
  243.                                                                                     <div class="post"></div>
  244.                                                                                     <div class="post"></div>
  245.                                                                                     <div class="post"></div>
  246.                                                                                     <div class="post"></div>
  247.                                                                                     <div class="post"></div>
  248.                                                                                     <div class="post"></div>
  249.                                                                                     <div class="post"></div>
  250.                                                                                     <div class="post"></div>
  251.                                                                                     <div class="post"></div>
  252.                                                                                     <div class="post"></div>
  253.                                                                                     <div class="post"></div>
  254.                                                                                     <div class="post"></div>
  255.                                                                                     <div class="post"></div>
  256.                                                                                     <div class="post"></div>
  257.                                                                                     <div class="post"></div>
  258.                                                                                     <div class="post"></div>
  259.                                                                                     <div class="post"></div>
  260.                                                                                     <div class="post"></div>
  261.                                                                                     <div class="post"></div>
  262.                                                                                     <div class="post"></div>
  263.                                                                                     <div class="post"></div>
  264.                                                                                     <div class="post"></div>
  265.                                                                                 </div>
  266.                                                                                 <!--
  267.  
  268.                                                                                  end #posts 
  269.  
  270.                                                                                 -->
  271.                                                                                 <!--
  272.  
  273.                                                                                  bottom padding 
  274.  
  275.                                                                                 -->
  276.                                                                                 <div style="clear: both;"></div>
  277.                                                                             </div>
  278.                                                                             <!--
  279.  
  280.                                                                              end #content 
  281.  
  282.                                                                             -->
  283.                                                                         </div>
  284.                                                                         <!--
  285.  
  286.                                                                          end #wrapper 
  287.  
  288.                                                                         -->
  289.                                                                         <div id="footer"></div>
  290.                                                                         <!--
  291.  
  292.                                                                          end #footer 
  293.  
  294.                                                                         -->
  295.                                                                         <script src="../js/code.js" type="text/javascript"></script>
  296.                                                                         <script></script>
  297.                                                                     </body>
  298.                                                                 </html>
  299.                                                         </iframe>
  300.                                                     </div>
  301.                                                 </div>
  302.                                             </div>
  303.                                         </div>
  304.                                     </div>
  305.                                 </div>
  306.                             </div>
  307.                             <div id="ext-gen21" class="x-window-bl x-panel-nofooter"></div>
  308.                         </div>
  309.                         <a id="ext-gen27" class="x-dlg-focus" tabindex="-1" href="#"></a>
  310.                         <div id="ext-gen32" class="x-resizable-handle x-resizable-handle-north x-unselectable" style="-moz-user-select: none;"></div>
  311.                         <div id="ext-gen33" class="x-resizable-handle x-resizable-handle-south x-unselectable" style="-moz-user-select: none;"></div>
  312.                         <div id="ext-gen34" class="x-resizable-handle x-resizable-handle-east x-unselectable" style="-moz-user-select: none;"></div>
  313.                         <div id="ext-gen35" class="x-resizable-handle x-resizable-handle-west x-unselectable" style="-moz-user-select: none;"></div>
  314.                         <div id="ext-gen36" class="x-resizable-handle x-resizable-handle-northeast x-unselectable" style="-moz-user-select: none;"></div>
  315.                         <div id="ext-gen37" class="x-resizable-handle x-resizable-handle-northwest x-unselectable" style="-moz-user-select: none;"></div>
  316.                         <div id="ext-gen38" class="x-resizable-handle x-resizable-handle-southeast x-unselectable" style="-moz-user-select: none;"></div>
  317.                         <div id="ext-gen39" class="x-resizable-handle x-resizable-handle-southwest x-unselectable" style="-moz-user-select: none;"></div>
  318.                     </div>
  319.                 </div>
  320.                 <div id="ux-taskbar" class=" x-border-layout-ct" style="margin: 0px; border: 0px none;">
  321.                     <div id="ux-taskbar-start" class=" x-border-panel" style="width: 86px; left: 0px; top: 0px; height: 30px;"></div>
  322.                     <div id="ux-taskbuttons-panel" class=" x-border-panel" style="overflow: auto; left: 94px; top: 0px; width: 1186px; height: 30px;"></div>
  323.                     <div class="x-clear"></div>
  324.                     <div id="fbw"></div>
  325.                     <div id="TaskBarStart-xsplit" class="x-layout-split x-layout-split-west x-splitbar-h" style="left: 86px; top: 0px; height: 30px;"></div>
  326.                 </div>
  327.             </div>
  328.             <div id="ext-comp-1002" class=" x-tip" style="position: absolute; z-index: 20000; visibility: hidden; display: none;"></div>
  329.             <div id="ext-gen17" class=" x-unselectable x-splitbar-proxy x-splitbar-proxy-h" style="-moz-user-select: none;"></div>
  330.             <iframe frameborder="0" scrolling="no" allowtransparency="true" src="https://platform.twitter.com/widgets/widget_iframe.4ed13d9ce94e60c41048ece32559b04c.html?origin=https%3A%2F%2Fsamy.pl" style="display: none;"></iframe>
  331.             <div id="code-win-rzproxy" class="x-resizable-proxy x-unselectable" style="-moz-user-select: none; z-index: 9007;"></div>
  332.             <iframe id="rufous-sandbox" frameborder="0" scrolling="no" allowtransparency="true" allowfullscreen="true" style="position: absolute; visibility: hidden; display: none; width: 0px; height: 0px; padding: 0px; border: medium none;" title="Twitter analytics iframe"></iframe>
  333.         </body>
  334.     </html>
  335.  
  336.  
Expand|Select|Wrap|Line Numbers
  1. /*!
  2.  * Ext JS Library 3.1.0
  3.  * Copyright(c) 2006-2009 Ext JS, LLC
  4.  * licensing@extjs.com
  5.  * http://www.extjs.com/license
  6.  */
  7. /**
  8.  * @class Ext.ux.StartMenu
  9.  * @extends Ext.menu.Menu
  10.  * A start menu object.
  11.  * @constructor
  12.  * Creates a new StartMenu
  13.  * @param {Object} config Configuration options
  14.  *
  15.  * SAMPLE USAGE:
  16.  *
  17.  * this.startMenu = new Ext.ux.StartMenu({
  18.  *        iconCls: 'user',
  19.  *        height: 300,
  20.  *        shadow: true,
  21.  *        title: get_cookie('memberName'),
  22.  *        width: 300
  23.  *    });
  24.  *
  25.  * this.startMenu.add({
  26.  *        text: 'Grid Window',
  27.  *        iconCls:'icon-grid',
  28.  *        handler : this.createWindow,
  29.  *        scope: this
  30.  *    });
  31.  *
  32.  * this.startMenu.addTool({
  33.  *        text:'Logout',
  34.  *        iconCls:'logout',
  35.  *        handler:function(){ window.location = "logout.php"; },
  36.  *        scope:this
  37.  *    });
  38.  */
  39.  
  40. Ext.namespace("Ext.ux");
  41.  
  42. Ext.ux.StartMenu = Ext.extend(Ext.menu.Menu, {
  43.     initComponent: function(config) {
  44.         Ext.ux.StartMenu.superclass.initComponent.call(this, config);
  45.  
  46.         var tools = this.toolItems;
  47.         this.toolItems = new Ext.util.MixedCollection();
  48.         if(tools){
  49.             this.addTool.apply(this, tools);
  50.         }
  51.     },
  52.  
  53.     // private
  54.     onRender : function(ct, position){
  55.         Ext.ux.StartMenu.superclass.onRender.call(this, ct, position);
  56.         var el = this.el.addClass('ux-start-menu');
  57.  
  58.         var header = el.createChild({
  59.             tag: "div",
  60.             cls: "x-window-header x-unselectable x-panel-icon "+this.iconCls
  61.         });
  62.  
  63.         this.header = header;
  64.  
  65.         var headerText = header.createChild({
  66.             tag: "span",
  67.             cls: "x-window-header-text"
  68.         });
  69.         var tl = header.wrap({
  70.             cls: "ux-start-menu-tl"
  71.         });
  72.         var tr = header.wrap({
  73.             cls: "ux-start-menu-tr"
  74.         });
  75.         var tc = header.wrap({
  76.             cls: "ux-start-menu-tc"
  77.         });
  78.  
  79.         this.menuBWrap = el.createChild({
  80.             tag: "div",
  81.             cls: "x-window-body x-border-layout-ct ux-start-menu-body"
  82.         });
  83.         var ml = this.menuBWrap.wrap({
  84.             cls: "ux-start-menu-ml"
  85.         });
  86.         var mc = this.menuBWrap.wrap({
  87.             cls: "x-window-mc ux-start-menu-bwrap"
  88.         });
  89.  
  90.         this.menuPanel = this.menuBWrap.createChild({
  91.             tag: "div",
  92.             cls: "x-panel x-border-panel ux-start-menu-apps-panel"
  93.         });
  94.         this.toolsPanel = this.menuBWrap.createChild({
  95.             tag: "div",
  96.             cls: "x-panel x-border-panel ux-start-menu-tools-panel"
  97.         });
  98.  
  99.         var bwrap = ml.wrap({cls: "x-window-bwrap"});
  100.         var bc = bwrap.createChild({
  101.             tag: "div",
  102.             cls: "ux-start-menu-bc"
  103.         });
  104.         var bl = bc.wrap({
  105.             cls: "ux-start-menu-bl x-panel-nofooter"
  106.         });
  107.         var br = bc.wrap({
  108.             cls: "ux-start-menu-br"
  109.         });
  110.  
  111.         this.ul.appendTo(this.menuPanel);
  112.  
  113.         var toolsUl = this.toolsPanel.createChild({
  114.             tag: "ul",
  115.             cls: "x-menu-list"
  116.         });
  117.  
  118.         this.mon(toolsUl, 'click', this.onClick, this);
  119.         this.mon(toolsUl, 'mouseover', this.onMouseOver, this);
  120.         this.mon(toolsUl, 'mouseout', this.onMouseOut, this);
  121.  
  122.         this.items.each(function(item){
  123.             item.parentMenu = this;
  124.         }, this);
  125.  
  126.         this.toolItems.each(
  127.             function(item){
  128.                 var li = document.createElement("li");
  129.                 li.className = "x-menu-list-item";
  130.                 toolsUl.dom.appendChild(li);
  131.                 item.render(li);
  132.                 item.parentMenu = this;
  133.             }, this);
  134.  
  135.         this.toolsUl = toolsUl;
  136.  
  137.         this.menuBWrap.setStyle('position', 'relative');
  138.         this.menuBWrap.setHeight(this.height - 28);
  139.  
  140.         this.menuPanel.setStyle({
  141.             padding: '2px',
  142.             position: 'absolute',
  143.             overflow: 'auto'
  144.         });
  145.  
  146.         this.toolsPanel.setStyle({
  147.             padding: '2px 4px 2px 2px',
  148.             position: 'absolute',
  149.             overflow: 'auto'
  150.         });
  151.  
  152.         this.setTitle(this.title);
  153.     },
  154.  
  155.     // private
  156.     findTargetItem : function(e){
  157.         var t = e.getTarget(".x-menu-list-item", this.ul,  true);
  158.         if(t && t.menuItemId){
  159.             if(this.items.get(t.menuItemId)){
  160.                 return this.items.get(t.menuItemId);
  161.             }else{
  162.                 return this.toolItems.get(t.menuItemId);
  163.             }
  164.         }
  165.     },
  166.  
  167.     /**
  168.      * Displays this menu relative to another element
  169.      * @param {Mixed} element The element to align to
  170.      * @param {String} position (optional) The {@link Ext.Element#alignTo} anchor position to use in aligning to
  171.      * the element (defaults to this.defaultAlign)
  172.      * @param {Ext.ux.StartMenu} parentMenu (optional) This menu's parent menu, if applicable (defaults to undefined)
  173.      */
  174.     show : function(el, pos, parentMenu){
  175.         this.parentMenu = parentMenu;
  176.         if(!this.el){
  177.             this.render();
  178.         }
  179.  
  180.         this.fireEvent("beforeshow", this);
  181.         this.showAt(this.el.getAlignToXY(el, pos || this.defaultAlign), parentMenu, false);
  182.         var tPanelWidth = 100;
  183.         var box = this.menuBWrap.getBox();
  184.         this.menuPanel.setWidth(box.width-tPanelWidth);
  185.         this.menuPanel.setHeight(box.height);
  186.  
  187.         this.toolsPanel.setWidth(tPanelWidth);
  188.         this.toolsPanel.setX(box.x+box.width-tPanelWidth);
  189.         this.toolsPanel.setHeight(box.height);
  190.     },
  191.  
  192.     addTool : function(){
  193.         var a = arguments, l = a.length, item;
  194.         for(var i = 0; i < l; i++){
  195.             var el = a[i];
  196.             if(el.render){ // some kind of Item
  197.                 item = this.addToolItem(el);
  198.             }else if(typeof el == "string"){ // string
  199.                 if(el == "separator" || el == "-"){
  200.                     item = this.addToolSeparator();
  201.                 }else{
  202.                     item = this.addText(el);
  203.                 }
  204.             }else if(el.tagName || el.el){ // element
  205.                 item = this.addElement(el);
  206.             }else if(typeof el == "object"){ // must be menu item config?
  207.                 item = this.addToolMenuItem(el);
  208.             }
  209.         }
  210.         return item;
  211.     },
  212.  
  213.     /**
  214.      * Adds a separator bar to the Tools
  215.      * @return {Ext.menu.Item} The menu item that was added
  216.      */
  217.     addToolSeparator : function(){
  218.         return this.addToolItem(new Ext.menu.Separator({itemCls: 'ux-toolmenu-sep'}));
  219.     },
  220.  
  221.     addToolItem : function(item){
  222.         this.toolItems.add(item);
  223.         if(this.ul){
  224.             var li = document.createElement("li");
  225.             li.className = "x-menu-list-item";
  226.             this.ul.dom.appendChild(li);
  227.             item.render(li, this);
  228.             this.delayAutoWidth();
  229.         }
  230.         return item;
  231.     },
  232.  
  233.     addToolMenuItem : function(config){
  234.         if(!(config instanceof Ext.menu.Item)){
  235.             if(typeof config.checked == "boolean"){ // must be check menu item config?
  236.                 config = new Ext.menu.CheckItem(config);
  237.             }else{
  238.                 config = new Ext.menu.Item(config);
  239.             }
  240.         }
  241.         return this.addToolItem(config);
  242.     },
  243.  
  244.     setTitle : function(title, iconCls){
  245.         this.title = title;
  246.         this.header.child('span').update(title);
  247.         return this;
  248.     }
  249. });
IT IS IMPOSSIBLE TO HIDE THE CODE JUST YOU CAN MAKE IT MORE DIFFICULT TO ACCESS
Mar 29 '18 #45
Taro
4
Maybe you do not understand everything.
In turn, I do not quite understand you. :((
Most likely we are talking about different things.
Mar 29 '18 #46
gits
5,390 Expert Mod 4TB
this thread starts to derail - i suggest to open a question in the questions section if there is a need for it - this section here is thought for articles and discussions about them - not for answering questions or help with particular issues in someones code.
Mar 29 '18 #47

Sign in to post your reply or Sign up for a free account.

Similar topics

10
by: Mark | last post by:
Sorry, I'm a newbie to php ;) I was thinking about using php to write the script file, something like: <script type="text/javascript" src="http://insert_url_here.com/myScript.php"></script> ...
2
by: ms_mmswan | last post by:
I am trying to have multiple layers on a page that toggle on and off, it works on a htm file but when I use it as an asp file it doesnt show anything. This is the javascript code that is...
13
by: Dave Schwimmer | last post by:
Is it possible to 'hide' javascript from a user. I am thinking of putting some fairly proprietary logic client side (to release burden on server) - but I dont want to make the source freely...
3
by: Eduardo F. Sandino | last post by:
Any one knows how to encrypt javascript code... other way than escape() and unescape() [not is encrypt but a way to protect source code ????
2
by: just_kim_usa | last post by:
I've heard Google now has some JS reading (running) capabilities. Is there a way i can write JS code without letting biG-brother understand it? if possible, pls give example of what would G would...
4
by: FAQ server | last post by:
----------------------------------------------------------------------- FAQ Topic - How do I protect my javascript code? ----------------------------------------------------------------------- ...
4
Coldfire
by: Coldfire | last post by:
I know javascript code executes at client end i.e. at browser, BUT is there any way to hide ur javascript functionality?
4
by: OldDrunkenSailor | last post by:
So I used a puzzle that I made in a CS class and integrated it into a new site that I made for my University's tennis club. My professor saw it and asked that I take down the puzzle because it is...
3
by: waqasahmed996 | last post by:
hi to all its my first message in new format:) actually i have a translator which translate english into arabic. but i have to face a problem that when translator translates words then it...
2
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 7 Feb 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:30 (7.30PM). In this month's session, the creator of the excellent VBE...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: Aftab Ahmad | last post by:
Hello Experts! I have written a code in MS Access for a cmd called "WhatsApp Message" to open WhatsApp using that very code but the problem is that it gives a popup message everytime I clicked on...
0
by: Aftab Ahmad | last post by:
So, I have written a code for a cmd called "Send WhatsApp Message" to open and send WhatsApp messaage. The code is given below. Dim IE As Object Set IE =...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
by: marcoviolo | last post by:
Dear all, I would like to implement on my worksheet an vlookup dynamic , that consider a change of pivot excel via win32com, from an external excel (without open it) and save the new file into a...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.