HTML Goodies: Script Tip: Week 22
Last week you got the rundown on how this guestbook script works and since there's no good starting point for tearing this one apart, we'll just start from the top down. First we grab the user's name and e-mail address and stick them in the subject line of the FORM flag.
Just in case you're a little forgetful, here's the script and its effect once again.
The guestbook was written as two separate scripts. It didn't have to be, but at my age, you want to make a point of keeping everything straight in your aging gray matter. So, I set the prompts apart in a script of their own. It looks like this:
var name = prompt("What is your name?", "Write It Here");
var email = prompt("What is your email address", "Write It Here");
The prompt format is pretty simple and should be familiar to you by now. A variable is assigned by writing "var" followed by the variable name. In this case we used "name" for the text string the user enters for his or her name and "email" for the text string the user enters for his or her e-mail address.
Use the prompt format by including the command "prompt" followed by two sets of text in parentheses. The first set of text is the message that appears in the prompt box itself, and the second appears inside the text box on the prompt box.
Okay, so now we have these two text strings and we can place them just about anywhere by calling for them by their variable name.
The Main FORM Flag
It looks like this:
<FORM METHOD='post' ACTION='mailto:firstname.lastname@example.org?Subject=Script Tip mail from " +name+ " at " +email+ "' ENCTYPE='text/plain' NAME='gbookForm'>
Please understand that the line above should all go on one long line. It is only broken into pieces because of page constraints.
So, what do we have? It's a basic mailto: FORM setup. We have the METHOD set to post and the action set to send the e-mail to my e-mail box. But look at the "Subject=" section:
We're actually using the two variable names taken from the prompts to build the subject line. When the e-mail arrives in your box, it will read that there is "Script Tip mail from Name at E-mail Address".
Notice the double quotes and the plus signs. See how the plus signs sit on either side of the variable names? That signifies that this is not text to be written, but rather a variable string to be returned. Also notice the spaces left on either side of " at ". Without those spaces, the text string would just butt right up against the text in double quotes. You leave the spaces in to make it readable.
The FORM flag then runs out, setting the ENCTYPE to "text/plain" and naming the entire form 'gbookForm'.
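The FORM flag above drops whatever the visitor typed straight into a quoted attribute and a mailto: query string, so an apostrophe, an ampersand or a line break in the name changes the markup or the subject. The following is an added example, not part of the original script; the function names, the 100-character cap and the sample input are assumptions made for illustration.

```javascript
// Added example: helper names and sample values are constructed, not from the page.

// Collapse control characters (CR/LF included) so a value cannot start a new
// line in the subject once the mail client decodes it. The length cap is an
// arbitrary choice for this example.
function cleanField(value) {
  return String(value == null ? "" : value)
    .replace(/[\u0000-\u001F\u007F]+/g, " ")
    .trim()
    .slice(0, 100);
}

// Build the mailto: URL. encodeURIComponent turns &, ?, =, #, @ and spaces
// into %XX, so the visitor's text stays inside the Subject value.
// It does NOT encode the apostrophe, so attribute escaping is still needed.
function buildMailtoAction(recipient, name, email) {
  const subject = "Script Tip mail from " + cleanField(name) +
                  " at " + cleanField(email);
  return "mailto:" + recipient + "?Subject=" + encodeURIComponent(subject);
}

// Escape a string for use inside a quoted HTML attribute.
function escapeAttr(text) {
  return text.replace(/&/g, "&amp;").replace(/</g, "&lt;")
             .replace(/>/g, "&gt;").replace(/"/g, "&quot;")
             .replace(/'/g, "&#39;");
}

// Produce the opening FORM tag as a string, the way the page's script does.
function buildFormTag(recipient, name, email) {
  const action = escapeAttr(buildMailtoAction(recipient, name, email));
  return "<FORM METHOD='post' ACTION='" + action +
         "' ENCTYPE='text/plain' NAME='gbookForm'>";
}

// Constructed sample input: an apostrophe, an ampersand and a line break.
const sampleTag = buildFormTag("firstname.lastname@example.org",
                               "Pat O'Neil & Co", "pat@example.com\r\nextra");
console.log(sampleTag);
```

In the browser, the two prompt() results would be passed as the name and email arguments before the tag is written to the page.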
Next Week: The HTML Form Elements