I am attempting to create a search bar using a custom HTML component for predictive text input. The way this component is built, it generates several plain HTML children that I need to act on to get full features. Specifically, I need to execute a blur action on one of the generated elements when the user presses escape or enter.
I got it to work using a ref on the custom component and calling getElementsByClassName on the ref, but using getElementsByClassName does not seem like the best solution. It pierces through the virtual and has odd side effects when testing.
This is a snippet of the component being rendered:
<predictive-input id='header-search-bar-input' type='search'
value={this.state.keywords}
ref={(ref: any) => this.predictiveInput = ref}
onKeyDown={(e: React.KeyboardEvent<any>) => this.handleKeyDown(e)}>
</predictive-input>
and the keyDown handler:
private handleKeyDown(e: React.KeyboardEvent<any>) {
// must access the underlying input element of the kat-predictive-input
let input: HTMLElement = this.predictiveInput.getElementsByClassName('header-row-text value')[0] as HTMLElement;
if (e.key === 'Escape') {
// blur the predictive input when the user presses escape
input.blur();
} else if (e.key === 'Enter') {
// commit the search when user presses enter
input.blur();
// handles action of making actual search, using search bar contents
this.commitSearch();
}
}
The element renders two children, one for the bar itself and one for the predictive dropdown. The classes of the underlying in the first are 'header-row-text' and 'value', so the element is correctly selected, but I am worried that this is violating proper React style.
I am using React 16.2, so only callback refs are available. I would rather avoid upgrading, but if a 16.3+ solution is compelling enough, I could consider it.
If you don't have any control over the input then this is the best approach in my opinion.
It's not ideal, but as you're stuck with a 3rd party component you can only choose from the methods that are available to you. In this case, your only real options are to find the element based on its class, or its position in the hierarchy. Both might change if the package is updated, but if I had to choose which would be more stable, I'd go for className.
I'm working on a web app and users sometimes paste in things they've copy/pasted from other places and that input may come with the character (0xAD). I don't want to filter it out, I simply need the user to see that there is an invisible character there, so they have no surprises later.
Does anyone know a way to make the always be visible? To show a hyphen, rather than remain hidden? I suspect a custom web font might be needed, if so, does anyone know of a pre-existing one?
You would need to either use JavaScript or a custom typeface that has a visible glyph for the soft-hyphen character. Given the impracticalities of working with typefaces for the web (and burdening the user with an additional hundred-kilobyte download) I think the JavaScript approach is best, like so:
document.addEventListener("DOMContentLoaded", function(domReadyEvent) {
var textBoxes = document.querySelectorAll("input[type=text]");
for(var i=0;i<textBoxes.length;i++) {
textBoxes[i].addEventListener("paste", function(pasteEvent) {
var textBox = pasteEvent.target;
textBox.value = textBox.value.replace( "\xAD", "-" );
} );
}
} );
Tumblr is really impressive in the sense that it allows users to customize their profiles and such. You're allowed to edit the HTML and CSS of your profile.
This is something I want to apply to my own site. However, I'm sure that this will be a big burden on security.
Does anyone have any tips or precautions for a feature like Tumblr's? Also, is it advisable to store the editable HTML and CSS in a database? Thank you :D
P.S.
What about server-side scripting? Lets say I wanted to grant the option of allowing the user to script a button that does something to the database. Any thoughts on how to do this?
This is a very difficult thing to get right, in my experience, if you want users to be able to use absolutely all of HTML/CSS. What you could do, however, is strip all CSS and HTML attributes, and only put "safe" code on a whitelist.
Examples
<p>This is legal code.</p>
<p><a onload="alert('XSS!')">The attribute should be filtered out</a></p>
<p>This is a legal link.
Of course you should still sanitize the href attribute!</p>
<h1>This is bad, because the rest of the page is going to huge,
so make sure there's a closing tag
<style>
.blue {
color: #00f; // keep this (by whitelist)
strange-css-rule: possibly-dangerous; // Filter this out!
}
</style>
Those are just some of the pitfalls you can encounter, though.
I'm not familiar with Tumblr, but I'm pretty sure they're doing something similar to this.
As for the database question, of course you can store HTML and CSS in a database, many systems do this. In your case, you would just need one representation anyway, anything else would just confuse the user ("Why is my CSS rule not applied; it's right there in the code!")
If you are using php then, for database issue you can use mini API system. For example, you want user to allow comment on something and save it in your database, then you can use API like this.
First, api.php file, (URL Location: http://yoursite.com/api.php)
<?php
// ID and Key can be different for all users.
// id = 1234
// key = 'secret_key'
// function = name of the function, user can call
// option = parameter passed to the function
// Now check if id, key, function and option are requested and then
// call function if it exists.
if(isset($_GET['id'], $_GET['key'], $_GET['function'], $_GET['option']) {
$id = $_GET['id'];
$key = $_GET['key'];
if($id == '1234' && $key == 'secret_key') {
// define all functions here
function make_comment($option) {
...code for saving comment to database...
}
if(function_exists($_GET['function'])) {
$_GET['function']($_GET['option']);
}
}
}
?>
Then uesr can call this function from any button using simple call to the API, like
<a href='http://yoursite.com/api.php?id=1234&key=secret_key&function=make_comment&option=i_am_comment'></a>
I am currently in the process of turning a sudoku solving program into a GUI with scala.swing and running into some trouble with the use of different functions. That is to say, I have a function for completely solving the puzzle, another for offering a hint entry, and another that will reset the grid. The interface consists of 81 individual ComboBox'es (see: http://i.imgur.com/45vzpei.png) and three buttons that perform said functions. My problem is that, while the separate reactions/cases involved reference specifically which buttons/functions to listen to, any button will incite all of the functions. My code for each of the listeners/buttons looks something like the following
listenTo(solve,comb11,comb12,comb13,comb14,comb15,comb16,comb17,comb18,comb19,comb21,comb22,comb23,comb24,comb25,comb26,comb27,comb28,comb29,comb31,comb32,comb33,comb34,comb35,comb36,comb37,comb38,comb39,comb41,comb42,comb43,comb44,comb45,comb46,comb47,comb48,comb49,comb51,comb52,comb53,comb54,comb55,comb56,comb57,comb58,comb59,comb61,comb62,comb63,comb64,comb65,comb66,comb67,comb68,comb69,comb71,comb72,comb73,comb74,comb75,comb76,comb77,comb78,comb79,comb81,comb82,comb83,comb84,comb85,comb86,comb87,comb88,comb89,comb91,comb92,comb93,comb94,comb95,comb96,comb97,comb98,comb99)
reactions += {
case ButtonClicked(solve) =>
...[working code for solve function]...
}
(The 'comb##'s are the exhaustive 81 ComboBoxes and the 'solve' is the button that solves the whole puzzle.) If I get rid of all but one of the listener/reaction blocks of code, clicking the remaining button works perfectly. If I try to include two or all of the listener/reaction code blocks, then every button causes ALL functions to be performed, which is clearly confusing and undesirable.
Not sure I understand your problem. But if you use lower case names in pattern matching extraction, these are fresh variables, and have nothing to do with values of the same name defined elsewhere. So to react to the solve button, you need to match against the value solve which you can do by putting it in back ticks:
listenTo(allMyButtons: _*)
reactions += {
case ButtonClicked(`solve`) => // note the back ticks!
...[working code for solve function]...
}
Otherwise, why don't you just keep each reaction with each combo box?
val combos = Vector.tabulate(81) { i =>
new ComboBox(1 to 9) {
listenTo(this)
reactions += {
case ButtonClicked(_) =>
... // not important to check the button - we only listen to one!
}
}
}
There is also a shorter way of defining the reaction to a pressed button.
import swing.{MainFrame, FlowPanel, Button}
val frame = new MainFrame {
contents = new FlowPanel {
contents += Button("solve")(println("solve"))
}
visible = true
}
As the title suggests, I want to actually brute-force (don't pay attention, useless information) using grease-monkey script by trying each word/alphabet I provide.
But as I think jQuery is more easier than Javascript itself , so I would also like to embed jQuery in it.
The second thing thats bugging me is to actually submit a form with a specific value.
And is there a way to store some values...like if "abcd" did not work in the input field then the page would refresh thus this un-intelligent script won't be able to detect that this word did not work already..and it will try that same "abcd" word again.
Sorry for the vague details
var lastTried = parseInt(GM_getValue("LAST", "-1")); //GM_* will not work on Chrome to the best of my knowledge, would have to use cookies in that case.
if((docIK.location.href == AddressA) || (docIK.location.href == AddressA?error)) //for example, pseudo code
{
if(lastTried < wordsToTry.length){
lastTried++;
form.data.value = wordsToTry[lastTried]; //form.data.value is more pseudo code, wordsToTry is array of the words that you are going to provide
GM_setValue("LAST", lastTried.toString());
form.submit();
}
}
else //Address B
{
//Success
}