Forum Moderators: coopster
<img src=http://www.tracking-service.com/tracker.gif?tag=12345&x=y>
Can anyone explain to me how this can not only execute a CGI script on an external server but also pass it javascript variables containing info such as screen depth and size?
I'm wondering if there's a way a plain HTML page can call an external PHP script in much the same way i.e. without having to be parsed as PHP itself.
Cheers.
If you see <img src="php_script.jpeg" /> there is no guarantee that that won´t be a dynamically created image.
As for the JavaScript the locally running JavaScript builds the URI to be requested and adds infos to the query string. This is then parsed by the script on the server.
Andreas
I just did a quick test with a tracking script I'm working on and it worked perfectly.
Cheers.
An excellent explanation
Who am I to blow against the wind. ;)
thank you
Your welcome rycrostud.
The key is the src attribute. An interesting use is to call the php using an external javascript tag:
<script language="javascript" src="http://whatever/php_script.php."> </script>
... the php at the other end could return data to the original page, for example, with:
echo "document.write('IP: $REMOTE_ADDR / Linked from: $HTTP_REFERER / UA: $HTTP_USER_AGENT);";
... or you could just write it to your log.
I may have spoken too soon. When trying to use the <img src=myscript.php> method my log records the page the image appears in as the $HTTP_REFERER (rather than Google for example) and the $REQUEST_URI is set to the name of the script being called (rather than the page I'm trying to track).
A bit confusing but I'm sure with a bit of tweaking it will work just fine and I can write the correct bits of info to my log.
I think I'll try and stick at the img tag, rather than using JavaScript, because I want this to work even if the user has JS switched off. We shall see.
document.write("<script type=\"text/JavaScript\" src=\"http://www.xxxx.xxx/~xxxxx/G/_.js?A="+escape(document.URL?GG_du= document.URL:GG_du=GG_sk)+"&B="+escape(GG_an)+"&C="+escape(navigator.userAgent?GG_ua= navigator.userAgent:GG_ua=GG_sk)+"&D="+escape(navigator.platform?GG_np= navigator.platform:GG_np=GG_sk)+"&E="+GG_sw+"&F="+GG_sh+"&G="+GG_cd+"&H= "+escape(document.referrer?GG_dr=document.referrer:GG_dr=GG_sk)+"\"></"+"script>"); document.write(" ");
The document.URL var can be checked on the server to see if it is an allowed page/url.
Also the returned JavaScript can contain:
if(document.URL.indexOf('http://www.xxxx.xxx/~xxxxx/') == -1)
window.location="http://www.xxxx.xxx/~xxxxx/";
This checks the page to see if the document.URL var is the same as an/the allowed page and redirect if it is not...
GeorgeGG
[edited by: jatar_k at 11:46 pm (utc) on Dec. 10, 2002]
[edit reason] fixed sidescroll [/edit]
My script is failing on the following:
(not all HTML begin or tags are included for brevity
Suggest file.php includes a function named trial()
------
<head>
<script type="text/javascript" src="file.php"></script>
</head>
<body onload="trial()"></body>
This Should Work.
Now use DOM with a body onload..
------
<head>
<script type="text/javascript">
function page_init()
{
x = document.createElement("script");
x.type = "text/javascript";
x.src = "file.php";
...append to the head element
...now call trial
trial();
}
</script>
</head>
<body onload="page_init()"></body>
Fails:
Page_init function does execute but dies with an
"object expected" on the line with "trial()".
If you were to program a pure javascript program
file.js in place of file.php, the code above works.
Now use DOM with a body onload and use
the file.js instead.
------
<head>
<script type="text/javascript">
function page_init()
{
x = document.createElement("script");
x.type = "text/javascript";
x.src = "file.js";
...append to the head element
...now call trial
trial();
}
</script>
</head>
<body onload="page_init()"></body>
ANY IDEAS.
GeorgeGG
