By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
459,473 Members | 1,267 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 459,473 IT Pros & Developers. It's quick & easy.

Redirecting output

P: n/a
I generate a string in PHP with headers that write a file to the disk.
(the user is asked whether to open it or to save it).

Using AJAX, the string is written to the screen instead. What I would
like to know is how to redirect the output to not be to the screen but
to open the file (as it is without AJAX). For other output I direct the
output to a names <divtag to appear on the screen. How do I specify
the target here?
Jun 27 '08 #1
Share this Question
Share on Google+
5 Replies


P: n/a
On Apr 20, 11:31 am, sheldonlg <sheldonlgwrote:
I generate a string in PHP with headers that write a file to the disk.
(the user is asked whether to open it or to save it).

Using AJAX, the string is written to the screen instead. What I would
like to know is how to redirect the output to not be to the screen but
to open the file (as it is without AJAX). For other output I direct the
output to a names <divtag to appear on the screen. How do I specify
the target here?
I'm not sure if I understood your question, but it seems you want to
use javascript to open and write a local file. Is that correct? If so,
then I must say that for security reasons, there is no way to open
local files using javascript in a web browser. At least, as far as I
know.

I don't know if it helps, but all you can do here, is send the data
from the client to the server and then write a file with that data 'on
the server'. On the client, I dont think it will be possible.
Jun 27 '08 #2

P: n/a
Rodrigo Dias Cruz wrote:
On Apr 20, 11:31 am, sheldonlg <sheldonlgwrote:
>I generate a string in PHP with headers that write a file to the disk.
(the user is asked whether to open it or to save it).

Using AJAX, the string is written to the screen instead. What I would
like to know is how to redirect the output to not be to the screen but
to open the file (as it is without AJAX). For other output I direct the
output to a names <divtag to appear on the screen. How do I specify
the target here?

I'm not sure if I understood your question, but it seems you want to
use javascript to open and write a local file. Is that correct? If so,
then I must say that for security reasons, there is no way to open
local files using javascript in a web browser. At least, as far as I
know.

I don't know if it helps, but all you can do here, is send the data
from the client to the server and then write a file with that data 'on
the server'. On the client, I dont think it will be possible.
Yes, it is and I have done it (sending commands built in PHP).

What happens is that there is a pop-up that asks the user whether he
wants to open the file or save it. He can also cancel. This satisfies
the security question because the user must give permission. In PHP
this is accomplished with the following header calls:

header("Content-type: application/octet-stream");
header("Content-Disposition: attachment; filename=" . $excel_file_name);
header("Pragma: no-cache");
header("Expires: 0");

The result is as I stated above. I believe there are similar calls in
javascript, but I haven't used those before.
Jun 27 '08 #3

P: n/a
VK
On Apr 21, 3:34 pm, sheldonlg <sheldonlgwrote:
What happens is that there is a pop-up that asks the user whether he
wants to open the file or save it. He can also cancel. This satisfies
the security question because the user must give permission.
Not in the default browser security model. In in the default browser
security model Javascript has no access to the local file system _of
any kind_ - that includes any kind of runtime dialogs to beg a
permission from the user. It is very smart way to do because the
practice proved that end users very rarely are able to make an
educated decision "allow/don't allow" for security sensitive question:
thus an additional protection level is needed. Respectively to get a
permission to ask for a permission the script has to be properly
signed first. There is a trick for IE and Firefox to get such pop up
for some runtime generated content:
http://groups.google.com/group/comp....ab048d640b343b

I do expect that SaveAs exploit will be fixed sooner or later for IE -
if not already fixed. It also doesn't help for any other browsers
besides IE and Firefox.

This way just relax and use the standard age old server-side schema
which works just fine everywhere:

<form name="saver"
target="dumpster"
action="pushback.php">
<input type="hidden" name="data" value="">
</form>
<iframe name="dumpster"
src="blank.html"
style="display: none !important"></iframe>

then in your script:

document.forms['saver'].data.value = currentValue;
document.forms['saver'].submit();

then on your server pushpack.php returns data with octet-stream header
to trig Save As dialog.
Jun 27 '08 #4

P: n/a
On 21 Apr, 12:34, sheldonlg <sheldonlgwrote:
Rodrigo Dias Cruz wrote:
>I'm not sure if I understood your question, but it seems you want to
use javascript to open and write a local file. Is that correct? If so,
then I must say that for security reasons, there is no way to open
local files using javascript in a web browser. At least, as far as I
know.
Yes, it is and I have done it
No you haven't.
(sending commands built in PHP).
See, this is not javascript.
What happens is that there is a pop-up that asks the user whether he
wants to open the file or save it. He can also cancel. This satisfies
the security question because the user must give permission.
Once again, no javascript
Jun 27 '08 #5

P: n/a
sheldonlg wrote on 21 apr 2008 in comp.lang.javascript:
Rodrigo Dias Cruz wrote:
>On Apr 20, 11:31 am, sheldonlg <sheldonlgwrote:
>>I generate a string in PHP with headers that write a file to the
disk. (the user is asked whether to open it or to save it).

Using AJAX, the string is written to the screen instead. What I
would like to know is how to redirect the output to not be to the
screen but to open the file (as it is without AJAX). For other
output I direct the output to a names <divtag to appear on the
screen. How do I specify the target here?

I'm not sure if I understood your question, but it seems you want to
use javascript to open and write a local file. Is that correct? If
so, then I must say that for security reasons, there is no way to
open local files using javascript in a web browser. At least, as far
as I know.

I don't know if it helps, but all you can do here, is send the data
from the client to the server and then write a file with that data
'on the server'. On the client, I dont think it will be possible.

Yes, it is and I have done it (sending commands built in PHP).

What happens is that there is a pop-up that asks the user whether he
wants to open the file or save it. He can also cancel. This
satisfies the security question because the user must give permission.
In PHP this is accomplished with the following header calls:

header("Content-type: application/octet-stream");
header("Content-Disposition: attachment; filename=" .
$excel_file_name); header("Pragma: no-cache");
header("Expires: 0");

The result is as I stated above. I believe there are similar calls in
javascript, but I haven't used those before.
Yes there are, in serverside javascript [ASP-Jscript].

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
Jun 27 '08 #6

This discussion thread is closed

Replies have been disabled for this discussion.