| 1:53 pm on Nov 11, 2004 (gmt 0)|
You have a few potential problems here - whether this is possible at all, and whether the searchengines will penalize you for this kind of content negotiation.
There is no way that you can do this transparently (without the user knowing) - a browser doesn't automatically send any information to the server of this type in its request.
document.write(\'<META HTTP-EQUIV=Refresh CONTENT="0; URL=ht*p:\\/\\/www.yoursite.com\\/?useroffset=\'+off">\');
} elseif(is_numeric($_GET['useroffset'])) $useroffset = $_GET['useroffset'];
| 9:28 pm on Nov 11, 2004 (gmt 0)|
Doesn't fix the problem that the curious user can see what's happening. There are ways though to make it quite a cumbersome task to find out what some JS code really does, even for the experienced. Security by obscurity...
| 8:36 am on Nov 12, 2004 (gmt 0)|
var dt = new Date()
var off= dt.getTimezoneOffset();
document.write(\'<META HTTP-EQUIV=Refresh CONTENT="0; URL=ht*p://localhost/tmp/offset.php?useroffset=\'+off);
$useroffset = $_GET['useroffset'];
| 7:43 pm on Nov 12, 2004 (gmt 0)|
Putting this here for my own future reference more than anything else. Is a similar thread which ties in nicely with this one:
| 4:45 pm on Nov 13, 2004 (gmt 0)|
One thing that I shoudl mention is that it is not my code per se that i wish to protect - it is just that i do not want persons to know that i am redirecting on the basis of time zone if they ever take the time to look. So, in this way I can provide different content to different time zones - without anyone knowing.
Why do I not get the time, and then send it back to a php script like you kindly suggested in your last post?
var curDateTime = new Date()
document.write("GMT Offset for your time zone is ")
Once again - many thanks for all your help. I really hope that you dont find this thread tiresome. You really are being a great help to me. I really am very grateful.
| 4:47 pm on Nov 13, 2004 (gmt 0)|
This thread is closely related to another one that i have posted recently. The relevance may not seem strong at the beginning - but scroll down and you will start to get it:
| 7:10 pm on Nov 13, 2004 (gmt 0)|
Pleased to have been some help; hope you find something that approaches your ideal solution here.
| 7:28 pm on Nov 13, 2004 (gmt 0)|
Hide the important bits of code inside tons of useless other code. Make use of the eval(String.fromCharCode(<ascii values of your code here>)) function for both important and unimportant bits of the code to further obscure the whole thing. (Want to hide a tree? Place it in a forest!)
There is a choice of "code uglifiers" out there. Google will find them for you. Run your code through one of them and be prepared for a surprise when trying to read your own code.
Do the actual relocation on the server side using header("Location: <url>"). Your client side code has to set a cookie to get the client's timezone to your server, or just place the current client's time in the cookie and calculate the timezone yourself on the server side. Even if someone's really, really curious and gets down to the important bits, placing the current time in a cookie is nothing much suspicious, as has been said before.
Have your "grab the time(zone)"-function do something really nice for the user at the same time, which might satisfy the user's curiosity and stop him from looking any further.
I see one drawback though: When I run into some code which literally cries "Don't ever understand me!" this fact alone is a real challenge for me to have a much closer look at it. Well, that's me of course...
I really shouldn't have written all this...