Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

What is this java scipt all about?

Options
  • 04-12-2006 6:24pm
    #1
    Bananna man
    Registered Users Posts: 673 ✭✭✭


    I did a site ages ago on an older version of dreamweaver and am now working on it in Dreamweaver MX. I just noticed some java code in the header and i dont know how it got their or what it means. Can someone let me know what the hell its all about?
    <script language="JavaScript">
<!--
function MM_swapImgRestore() { //v3.0
  var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
}

function MM_preloadImages() { //v3.0
  var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
    var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
    if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
}

function MM_swapImage() { //v3.0
  var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3)
   if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}
}

function MM_findObj(n, d) { //v4.01
  var p,i,x;  if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
    d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
  if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
  for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
  if(!x && d.getElementById) x=d.getElementById(n); return x;
}
//-->
</script>

    Thanks


Comments

  • Options
    #2
    Serbian
    Registered Users Posts: 2,157 ✭✭✭Serbian


    Dreamweaver adds that script automagically. It's for rolling over images.


  • Options
    #3
    Gosh
    Registered Users Posts: 683 ✭✭✭Gosh


    This should explain it


  • Options
    #4
    Bananna man
    Registered Users Posts: 673 ✭✭✭Bananna man


    Ahhhh, thanks. I stoped using rollover images a long time ago for my links so havent seen this code.


  • Options
    #5
    Bananna man
    Registered Users Posts: 673 ✭✭✭Bananna man


    On another note, i finally got the Cpatcha security code's working on one of my sites to stop bots posting spam (thanks mainly to Gosh who helped me out loads). Guess what, still getting spam messages on the forum, not as much but still getting them :mad:

    If i increase the number of random line creating the "noise" will this help or is it just that some bots can get by this anyway. If so is their anything i can do besides the captcha security


  • Options
    #6
    mneylon
    Registered Users Posts: 7,739 ✭✭✭mneylon


    I've started checking signups against SpamHaus. If their IP is listed they get blocked.. It seems to be working quite well :)

    Blog | Tweets



  • Advertisement
  • Options
    #7
    Gosh
    Registered Users Posts: 683 ✭✭✭Gosh


    Bananna man wrote:
    On another note, i finally got the Cpatcha security code's working on one of my sites to stop bots posting spam (thanks mainly to Gosh who helped me out loads). Guess what, still getting spam messages on the forum, not as much but still getting them :mad:

    If i increase the number of random line creating the "noise" will this help or is it just that some bots can get by this anyway. If so is their anything i can do besides the captcha security
    Glad you got the captcha code working, to be honest the security code generated by the script isn't that sophisticated. You could try changing that part of it to generate an MD5 hash value from the current time and take 6 characters from set positions of the 32-character hash value and change these positions frequently. Remember it's the MD5 hash value you save as the session variable not the characters you select - these are used to generate the image only. You know which characters you have selected so you can reconstruct the security code from the hash value.

    Generating too many random lines may make the code hard to read for humans and it's not the image the spammers are reading - there's a flaw somewhere in leaving the code open.

    Make sure your directory where the PHP sessions variables are stored (session.save_path) in is secured - if you know your session id (from the PHPSESSID cookie) then depending on where the session variables file is stored you can find out what the security code is. I once had a site where these session files were being stored in the home directory. The session variable name and it's value are clearly available when these files can be read.

    Another thing to change on the captcha code you have would be the name of the session variable - 'security_code' it's a bit obvious for something that can read the session variable file. Yoour form probably has an input field called security code as well - try making the name less obvious.

    Once you've checked that the security_code session variable is correct unset the variable immediately as a new one is only generated for the same session if you call the script - if you get it right once then you can submit the form again and again and again using the same security_code.

    And when sessions are finished make sure you destroy them.

    Make sure your pages are not cached by the browser use the following HTML

    <meta http-equiv="Expires" content="Fri, Jun 12 1981 08:20:00 GMT" />
    <meta http-equiv="Pragma" content="no-cache" />
    <meta http-equiv="Cache-Control" content="no-cache" />

    You'll probably never stop it but you can sure as hell make it hard for them and when it's hard they'll move on to another target.


Advertisement