Well I want to get the code for this tool - http://www.w3schools.com/jsref/tryit.asp?filename=tryjsref_onclick On the left hand side you put the code, and on right hand side, it gives you the output. Is there any available script for this ? which can be the best way to do this ? using PHP or ajax ? Cheers
I wouldn't recommend that you let people execute foreign code on your website, they could be doing anything .... however : <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>HTML Edit / Preview</title> </head> <body> <table width="100%" border="0"> <tr> <td> <!-- Begin buttons --> <input type="button" onclick="return document.getElementById('preview').innerHTML = document.getElementById('html').value;" value="Preview"/> <input type="button" onclick="return document.getElementById('html').value = '';" value="Clear Contents" /> <input type="button" onclick="return document.getElementById('preview').innerHTML = '';" value="Clear Preview" /> <!-- End : Buttons --> </td> <td><div align="right"><em><strong>Preview Window </strong></em></div></td> </tr> <tr> <td width="50%" valign="top"> <textarea name="textarea" rows="25" id="html" style="width:100%; border:1px solid black;"><marquee><b>Joe is the best</b></marquee></textarea> </td> <td width="50%" valign="top"> <div id="preview" style="margin: 7px 7px 7px 7px;"> <marquee><b>Joe is the best</b></marquee> </div> </td> </tr> </table> </body> </html> PHP: Works, I suck at designing stuff, but that's one way to achieve that without page reloading every 2 seconds .....
Excellent work mate, just excellent work Can you tell me how can I stop this ? Also what malicious things that can be performed on the code ?
with javascript, nothing lasting so long as the code around it is secure, but with php they could query db connections you have open, execute eval commands (this is dangerous becuase php has file access), it's just not a good idea.... if you were to do it, you would need something different to the code I posted, you would need to loop through all the input searching for an array of banned functions, but people will find ways around that too, i would work on what I gave you and make that into what you need without server side scripting of any kind, not even ajax requests, that's my advice take it or leave it .......