I have a working imacros script that extracts 3 urls from a page, creates variables from them, moves on to a different page and then inputs one of the variables into a form. Right now I just hardcode {{!VAR1}}, but what I would like to do is make the input random from the three variables. So instead of this:
CONTENT={{!VAR1}}
I would like to have either {{!VAR1}} or {{!VAR2}} or {{!VAR3}} be the input randomly.
Is this possible?
Yes. Use JavaScript scripting http://wiki.imacros.net/Web_Scripting
With use of JavaScript you can find some random functions do this.
Related
I am wondering how to achieve this with Flask and WTForms for UI purposes. This input takes up to 10 responses separated by comma. enter image description here
I hope for each response to be cemented in the input after the user types in a comma for UI purposes (I can handle it on the backend). So for example, they type in "Red," and "Red" is cemented in the input with the ability to delete it. Any library suggestions or ideas on how I should attack this?
You would need JavaScript to do this. This question might be of some help: Dynamically check text input. I would do a search on dynamically checking text input.
I am trying to develop a multistep webform in Drupal 8 using Webform 8.x-5.1. I have written a WebformHandler that extends Drupal\webform\Plugin\WebformHandlerBase and made it available to the webform.
In the first step of the webform, I collect a text-field. I would like to display the value of that text-field in an HTML element (Advanced HTML/Text or Basic HTML) on the second page after doing some computation.
I have overwritten submitForm() in the WebformHandler and in it assign the value I want to the HTML element as follows:
$form['elements']['page_name']
['advanced_html_element']['#text'] = '...my HTML...';
Using ksm() I can see that this assignment works, but the the HTML element is not rendered with my HTML: the element is either invisible or contains the initial value set up in the form editor.
Clearly I'm missing something. Should I be using something other than submitForm? Can anyone help me?
It's been a long haul, but I've finally worked out how to do what I want to. The following works for me.
Firstly, I discovered the method validateForm in WebformHandlerBase. On each page in a form with multiple pages, you will find that the following methods are called in the order given here:
submitForm (called once)
alterForm(called possibly more than once)
validateForm (called once)
The name validateForm leads me to believe I may be misusing this method, but that is where I set up the elements on the following page that I wish to programmatically initialise. It works, so what the hey!
In validateForm, I initialise the elements that appear on the following page as follows:
$form_state->setValue(<element name>, <data structure>);
The <element name> is the name you give the element in the form editor ("Build" tab). The <data structure> has to be correct, of course: I suggest you find the appropriate structure by first filling in the element on the next page manually and seeing what turns up in $form_state.
There is also a $form_state->getValue(<element name>), which seems to me to mean that $form_state can also be used for storing session data, say in hidden fields. I initially used Drupal::service('tempstore.private')->get('xxx') for storing data that had to be available across page boundaries, but $form_state might be a cleaner solution.
I hope this helps someone: I spent a horribly long time trying to get this to work.
I'm crawling and the pages I'm dealing with have sequential page IDs.
There is no link such as 'Next Page' for the crawler to follow.
So, I want to produce a list of numbers starting with
00000001
and ending with
00013099
But am having trouble writing an expression/comprehension which captures that. Will be very grateful for any help!
Thank you!
Scrapy's response.follow(href, callback) works not only with actual hrefs to be scraped from the page, but also with auto-generated ones... simply use a for cicle, then generate links by string concatenation, and pass it to follow.
I've found several ways to automate folder comparison using scripts in Beyond Compare, but none that produce the pretty html report created from Session>Folder Compare Report>View in browser.
Here is an example of what that looks like.
I would love to be able to find the script that gives me that html difference report.
Thanks!
This is what I am currently getting
load "C:\Users\UIDQ5763\Desktop\Enviornment.cpp" &
"C:\Users\UIDQ5763\Desktop\GreetingsConsoleApp"
folder-report layout:side-by-side options:display-all &
output-to:C:\Users\UIDQ5763\Report.html output-options:html-color
The documentation for Beyond Compare's scripting language is here. You were probably missing either layout:side-by-side, which gives the general display, or output-options:html-color which is required to get the correct HTML stylized output. You may want to change options:display-all to options:display-mismatches if you only want to see the differences, and you might want to add an expand all command immediately before the folder-report line if you want to see the subfolders recursively.'
The & characters shown in the sample are line continuation characters. Remove them if you don't need to wrap your lines.
I have been working with Coldfusion 9 lately (background in PHP primarily) and I am scratching my head trying to figure out how to 'clean/sanitize' input / string that is user submitted.
I want to make it HTMLSAFE, eliminate any javascript, or SQL query injection, the usual.
I am hoping I've overlooked some kind of function that already comes with CF9.
Can someone point me in the proper direction?
Well, for SQL injection, you want to use CFQUERYPARAM.
As for sanitizing the input for XSS and the like, you can use the ScriptProtect attribute in CFAPPLICATION, though I've heard that doesn't work flawlessly. You could look at Portcullis or similar 3rd-party CFCs for better script protection if you prefer.
This an addition to Kyle's suggestions not an alternative answer, but the comments panel is a bit rubbish for links.
Take a look a the ColdFusion string functions. You've got HTMLCodeFormat, HTMLEditFormat, JSStringFormat and URLEncodedFormat. All of which can help you with working with content posted from a form.
You can also try to use the regex functions to remove HTML tags, but its never a precise science. This ColdFusion based regex/html question should help there a bit.
You can also try to protect yourself from bots and known spammers using something like cfformprotect, which integrates Project Honeypot and Akismet protection amongst other tools into your forms.
You've got several options:
"Global Script Protection" Administrator setting, which applies a regular expression against post and get (i.e. FORM and URL) variables to strip out <script/>, <img/> and several other tags
Use isValid() to validate variables' data types (see my in depth answer on this one).
<cfqueryparam/>, which serves to create SQL bind parameters and validate the datatype passed to it.
That noted, if you are really trying to sanitize HTML, use Java, which ColdFusion can access natively. In particular use the OWASP AntiSamy Project, which takes an HTML fragment and whitelists what values can be part of it. This is the same approach that sites like SO and slashdot.org use to protect submissions and is a more secure approach to accepting markup content.
Sanitation of strings in coldfusion and in quite any language is very important and depends on what you want to do with the string. most mitigations are for
saving content to database (e.g. <cfqueryparam ...>)
using content to show on next page (e.g. put url-parameter in link or show url-parameter in text)
saving files and using upload filenames and content
There is always a risk if you follow the idea to prevent and reduce a string by allow basically everything in the first step and then sanitize malicious code "away" by deleting or replacing characters (blacklist approach).
The better solution is to replace strings with rereplace(...) agains regular expressions that explicitly allow only the characters needed for the scenario you use it as an easy solution, whenever this is possible. use cases are inputs for numbers, lists, email-addresses, urls, names, zip, cities, etc.
For example if you want to ask for a email-address, you could use
<cfif reFindNoCase("^[A-Z0-9._%+-]+#[A-Z0-9.-]+\.(?:[A-Z]{5})$", stringtosanitize)>...ok, clean...<cfelse>...not ok...</cfif>
(or an own regex).
For HTML-Imput or CSS-Imput I would also recommend OWASP Java HTML Sanitizer Project.