Configuring Apache to recognize external js files

Need help installing PHP, configuring a script, or configuring a server? Then come on in and post your questions! We'll try to help the best we can!

Moderator: General Moderators

nawhaley
Forum Commoner
Posts: 85
Joined: Wed May 18, 2005 11:43 am

Configuring Apache to recognize external js files

Post by nawhaley »

my Apache 2.0 server dosent seem to recognize lines of code like the following

Code: Select all

<script type="text/javascript" src="md5.js"></script>
basically any external .js file it will not recognize at all how do you configure apache to recognize and load these types of files?
foobar
Forum Regular
Posts: 613
Joined: Wed Sep 28, 2005 10:08 am

Post by foobar »

What problems are you experiencing? Does the script not show?

Also, this shouldn't really have anything to do with your Apache configuration. Maybe you just have JS switched off on your browser, per chance?
nawhaley
Forum Commoner
Posts: 85
Joined: Wed May 18, 2005 11:43 am

Post by nawhaley »

when I try to use any of the functions from that js the browser isnt recognizing them. Like for instance I put that line of code in then later in my code I do a line like the following.

Code: Select all

hashedpassword =hex_md5(document.getElementById('password').value)
and my javascript console in firefox is telling me that the function hex_md5 is not defined even though above it I defined it using the following line.

Code: Select all

<script type="text/javascript" src="md5.js"></script>
foobar
Forum Regular
Posts: 613
Joined: Wed Sep 28, 2005 10:08 am

Post by foobar »

That may be a FF bug. Try putting your script on the same page.
nawhaley
Forum Commoner
Posts: 85
Joined: Wed May 18, 2005 11:43 am

Post by nawhaley »

thats odd the line including the js fle is on the same page where I put the code using it do you mean copy the entire js file contents and put it in the page?
Roja
Tutorials Group
Posts: 2692
Joined: Sun Jan 04, 2004 10:30 pm

Post by Roja »

Definitely sounds odd.

If you have a link we can look at, we might be able to help more.

Apache shouldn't have anything to do with the issue - as long as it serves the html which contains the js line, it has done its job.

Then the next thing to check is whether the path for that js file is correct. If you can access it directly using that path, then Apache has served the js appropriately.

I suspect it may be something less obvious, perhaps you put the script definition in the wrong part of the html, misunderstand how the path is structured, or have the permissions on the js file (or the directories containing it) wrong.

I use that exact method for several files, and Apache serves it, with Firefox receiving it.

Share the url, and we can help debug it with you.
nawhaley
Forum Commoner
Posts: 85
Joined: Wed May 18, 2005 11:43 am

Post by nawhaley »

the page isnt actually live yet I'm doing testing and debugging on my local PC using Apache to debug the PhP code and firefoxs javascript console for the javascript debugging. Here is the page in its entirety hopefully this will help.

Code: Select all

<?
session_start();
include 'maintfunctions.php';
if($_POST['username']=="")
  {
   ?>
  <script type="text/javascript" src="md5.js"></script>
  <SCRIPT LANGUAGE ="javascript">
    alert("Sorry the Username is incorrect please try again.");
           document.write('<? UserLogin(); ?>');
  </SCRIPT>
   <?
  }
else
 {
 
$username = $_POST['username'];
$link = odbc_connect("ImmagetechQuiz","Trainee","tra1ning");
$passwordquery = "SELECT Password FROM tblStudents WHERE Username ='$username'";
$presult = odbc_exec($link,$passwordquery);


if(odbc_fetch_row($presult))
  {
  $_SESSION['password'] = md5(odbc_result($presult,"Password"))+$_SESSION['challange'];

    ?>
    <SCRIPT LANGUAGE ="text/javascript">
     hashedpassword ="";
     
    if(document.getElementById.value =="")
      {
       alert("Please enter your password.");
       document.write('<?UserLogin();?>');
      }
    else 
      {
       hashedpassword = hex_md5(document.getElementById('password').value);
       hasheedpassword = hashedpassword+'<? echo $_SESSION['challange']?>';
      }
     if(hashedpassword ==<? echo $_SESSION['password']?>)
       {
        window.location('http://localhost/MainMenu.php');
       }
     else
       {
        alert("Your username or password was incorrect please try again.");
        document.write('<?UserLogin();?>');
       }
    </SCRIPT>
   <?
  
  }

else
  {
   ?>
    <SCRIPT LANGUAGE = "javascript">
     alert("Username does not exist in Database please try again.");
     document.write('<?UserLogin();?>');
    </SCRIPT>
   <?
  }

}
?>
Roja
Tutorials Group
Posts: 2692
Joined: Sun Jan 04, 2004 10:30 pm

Post by Roja »

nawhaley wrote:the page isnt actually live yet I'm doing testing and debugging on my local PC using Apache to debug the PhP code and firefoxs javascript console for the javascript debugging. Here is the page in its entirety hopefully this will help.
If that is the page in its entirety the problem is that its not an html page at all! You don't have:

Code: Select all

<html>
<head>
<!-- // Javascript should go in here, ideally! -->
</head>
<body>
</body>
</html>
Without those items (and actually, you need a few more), its not even a webpage you are producing, so there is no reasonable way to guess what a webbrowser will do with it.
nawhaley
Forum Commoner
Posts: 85
Joined: Wed May 18, 2005 11:43 am

Post by nawhaley »

all the pages I'm doing are at heart PhP pages thats one of the reasons I didnt bother with the HTMl header tags etc. All my other pages are designed similarly with inline javascript and act predictably save this one. I'll add those lines to it then do my PHP if you feel it will make a difference to the way the scripts reacting.
Roja
Tutorials Group
Posts: 2692
Joined: Sun Jan 04, 2004 10:30 pm

Post by Roja »

nawhaley wrote:all the pages I'm doing are at heart PhP pages
PHP is the processing language. The *output*, which you want a browser to interpret, is text.

Until you give it html tags, its just text. The browser will parse it as what it is - tag soup. That means you have no way of knowing what the results will be. You aren't giving it a webpage.
nawhaley wrote:thats one of the reasons I didnt bother with the HTMl header tags etc. All my other pages are designed similarly with inline javascript and act predictably save this one.
If it is not HTML, there is no "predictable" behavior at all. The browsers behavior is undefined. Thats why you produce compliant HTML code - so that you get a predictable behavior, and can debug whats going wrong.
nawhaley wrote:I'll add those lines to it then do my PHP if you feel it will make a difference to the way the scripts reacting.
It will change the situation. Currently, you give an undefined set of text to a browser and hope it does what you think it should.

By giving it valid html, you can then check to see if the browser parses the html correctly or not.

Without doing so, there is nothing you can do but guess.
nawhaley
Forum Commoner
Posts: 85
Joined: Wed May 18, 2005 11:43 am

Post by nawhaley »

Ok oddly though my pages have all acted in a predictable manner that you would expect from a normal HTML page with a form setup in it. Ok heres the best I can do to make it an actual HTML page the whole thing is giving me a headache and I'm honestly totally lost on how to call the password() function from PhP at this point so the whole things busted but here it is.

Code: Select all

<HTML>
<HEAD>
   <SCRIPT type="text/javascript" src="md5.js">

   function password()
    {
     hashedpassword ="";
     
    if(document.getElementById('password').value =="")
      {
       alert("Please enter your password.");
       document.write('<?UserLogin();?>');
      }
    else 
      {
       hashedpassword = hex_md5(document.getElementById('password').value);
       hasheedpassword = hashedpassword+'<? echo $_SESSION['challange']?>';
      }
     if(hashedpassword ==<? echo $_SESSION['password']?>)
       {
        window.location('http://localhost/MainMenu.php');
       }
     else
       {
        alert("Your username or password was incorrect please try again.");
        document.write('<?UserLogin();?>');
       }
    }
    </SCRIPT>
</HEAD>
<BODY>
<?
session_start();
include 'maintfunctions.php';
if($_POST['username']=="")
  {
   ?>
  
  <SCRIPT LANGUAGE ="javascript">
    alert("Sorry the Username is incorrect please try again.");
           document.write('<? UserLogin(); ?>');
  </SCRIPT>
   <?
  }
else
 {
 
$username = $_POST['username'];
$link = odbc_connect("ImmagetechQuiz","Trainee","tra1ning");
$passwordquery = "SELECT Password FROM tblStudents WHERE Username ='$username'";
$presult = odbc_exec($link,$passwordquery);


if(odbc_fetch_row($presult))
  {
  
  $_SESSION['password'] = md5(odbc_result($presult,"Password")+$_SESSION['challange']);
  
   
  
  }

else
  {
   ?>
    <SCRIPT LANGUAGE = "javascript">
     alert("Username does not exist in Database please try again.");
     document.write('<?UserLogin();?>');
    </SCRIPT>
   <?
  }

}
?>
</BODY>
</HTML>
josh
DevNet Master
Posts: 4872
Joined: Wed Feb 11, 2004 3:23 pm
Location: Palm beach, Florida

Post by josh »

well you would need to call it from your form, probaby from the onSubmit attribute of the form, remember PHP is parsed *before* the text is received by your browser, and your browser runs the javascript entirely seperately


(unless we're talking about ajax but that's out of the scope of this discussion, and even then this still holds true it's just debatable and so I won't make a bold statement)
nawhaley
Forum Commoner
Posts: 85
Joined: Wed May 18, 2005 11:43 am

Post by nawhaley »

right that makes sense but now comes the question of how do I make this work at all then. Since I need to have my javascript work when the login button is pressed on my form but at the same time a lot of my checks in PHP are post based how on earth are the two going to synch up enough to verify the password without making it more susceptable to hacking. This whole things giving me a headache honestly. All I'm trying to do is a secure login system to my application which already works perfectly fine. I don't want to send the passwords as clear text I want to have it hashed before it goes across I also want a random number that both the server and the client know factored in so that someone cant just grab the hash and put it in for the password. I thought I understood the code I had seen online enough to make a functioning version on my own but now I don't have a clue.
nawhaley
Forum Commoner
Posts: 85
Joined: Wed May 18, 2005 11:43 am

Post by nawhaley »

Roja wrote:
nawhaley wrote:the page isnt actually live yet I'm doing testing and debugging on my local PC using Apache to debug the PhP code and firefoxs javascript console for the javascript debugging. Here is the page in its entirety hopefully this will help.
If that is the page in its entirety the problem is that its not an html page at all! You don't have:

Code: Select all

<html>
<head>
<!-- // Javascript should go in here, ideally! -->
</head>
<body>
</body>
</html>
Without those items (and actually, you need a few more), its not even a webpage you are producing, so there is no reasonable way to guess what a webbrowser will do with it.
Ok in response to this and my following confusion on how to make it a "webpage" are there any sites that show the "proper" way to do PhP so its not as you put it "tag soup". Because out of all the sites I've seen my code really isnt any worse than anyone elses and 99% of it is working. I'm all for making clean and compliant code so long as I have rules and a model to go by. The issue with doing that currently is I had no rules no guidelines and no help when I started this. I simply picked up PHP because my buisness needed a project done and told me to do it. I "am" the IT department here so anything that gets done gets done by me including code which means I have no referances no one to ask if my code is compliant or not which is why you get the jumbled mess of code you see above me.
josh
DevNet Master
Posts: 4872
Joined: Wed Feb 11, 2004 3:23 pm
Location: Palm beach, Florida

Post by josh »

http://validator.w3.org/

just because 99% of the code out there is worse then yours (in your opinion of course :roll: ) does not make your code valid


Don't get defensive about it, we are here to help


Also regarding your login system, I would say a fairly secure way of doing it is have javascript pick the random number, and hash the password with that number, and send to the server

1 - the hash of the pass / and number
2 - the number in plain text

from this your server can authenticate the user, then you just have a mysql table that holds numbers that have already been used and just make sure not to accept the same one twice.

You should also be doing this through SSL, which is an added layer of protection, encryption tunnels
Post Reply