0
rekha's Avatar
Contributor
Hi venami,

I tried removing single quotes but it is not working for me.It is giving me parse error.

Pls help.......
0
rekha's Avatar
Contributor
Hi venami,

I tried the following code and it works fine for me.But I used rawurlencode.So the $ss value is encoded.But it is not executing the code.The encoded text just appears.Pls look into it where I went wrong.

Code:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<?php

$ss='</script><script type="text/javascript"><!--
google_ad_client = "pub-3229609591361912";
/* 728x90,created 5/2/08 */
google_ad_slot = "0355456913";
google_ad_width = 728;
google_ad_height = 90;
//-->
</script>
<script type="text/javascript" src = "http://pagead2.googlesyndication.com/pagead/show_ads.js"></script><script>';
$ss=rawurlencode($ss);
//echo $ss;
?>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>
<body>
<div id="container">
This is the default text
</div>

<?php
echo <<<TXT
<script type='text/javascript'>
window.onload = function(){
var d = document.getElementById('container');
var def = d.childNodes[0].nodeValue;
t = 5000;
setTimeout(function()
        {
        d.childNodes[0].nodeValue = '$ss';
        //alert('$ss');
        setTimeout(function()
                {
                d.childNodes[0].nodeValue = def;
                setTimeout(function()
                        {
                        d.childNodes[0].nodeValue = '';
                        },
                     t);
                },
             t);
        },
     t);
};
</script>
TXT;

?>
</body>
</html>
0
venami's Avatar, Join Date: Dec 2008
Ambitious contributor
On using the URL Encode function, the spaces and other special characters used in an URL are encoded. This is done when you are passing URL in a variable and to get back the original URL again.

Since the variable $ss is encoded, after encoding, it contains no more a Javascript code but only text. So it won't be parsed by the web browser.

As mentioned earlier, the problem is with the quotes. Have to dig into the code.