Smrf Posted February 14, 2008 Share Posted February 14, 2008 ok so i've got a simple site, with a simple form that i want users to be able to post simple ads with, the ads will appear as soon as a user posts them, with no other restrictions or registering except my javascript form validation which is extensive. the html form passes the data from user input to my php file the php code creates a .js file with the data as javascript code (the php writes(appends) the form input as javascript to the end of the .js file) that .js file is set up to add to the innerhtml of a div in an html file based on the value of a variable (this happens when the html page with that div is loaded - onload it calls for the function -) that variable (call it stat) is below the div change function in the .js file and starts like: stat='<br>' the php code appends to it like this: +'input' in this way when a user submits their data the variable stat is added to and in this way the .js file becomes a database of sorts why am i doing this? for complete control of the style and flow of the output on the html page you see, i can control the style of the div,user inserted links... both in the html page and by giving the variable (stat) html tags before output. also it eliminates me having to somehow end my created file i.e. creating an </html> tag I've done this with xml but it takes about 80% more code (and i have to always end the xml file) I've done this with asp and ditto, and well, i don't like asp so... My Questions are: Is this an unsecure method? (besides the obvious js issues, this data is after all is ment to be seen) Am I crazy for doing this? Would this data be considered on the client or server? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.