To put this briefly I am testing a Google drive form that will record votes for a school election to ensure that it is secure.
Is there a way to open a form from the shared URL and list/input data? In short, can I write a script to act like a bot that will vote and try to crash the form?
Sample URL: http://docs.google.com/forms/d/RANDOM_STRING/viewform
Edit: Some time around the end of 2014 a change in the Google Forms service invalidated this hack. Look at Is it possible to 'prefill' a google form using data from a google spreadsheet? and How to prefill Google form checkboxes? for a solution that relies on the Form methods.
A Google Form, when shown as a "live form", is just an HTML Form, with all the regular behaviors of a form. You can view the HTML source of a live form, and get the information that will help you simulate POST requests.
HTML Form
For example, look at the form from Spreadsheet Email Trigger. Here is the form HTML, cleaned up for readability:
<form action="https://docs.google.com/spreadsheet/formResponse?formkey=#FORMKEY#&ifq"
method="POST" id="ss-form">
<br>
<label class="ss-q-title" for="entry_0">First Name
<span class="ss-required-asterisk">*</span>
</label>
<label class="ss-q-help" for="entry_0"></label>
<input type="text" name="entry.0.single" value="" class="ss-q-short" id="entry_0">
<br>
<label class="ss-q-title" for="entry_1">No of User
<span class="ss-required-asterisk">*</span>
</label>
<label class="ss-q-help" for="entry_1"></label>
<select name="entry.1.single" id="entry_1">
<option value="5">5</option>
<option value="10">10</option>
<option value="20">20</option>
<option value="30">30</option>
</select>
<br>
<label class="ss-q-title" for="entry_2">Email ID
<span class="ss-required-asterisk">*</span>
</label>
<label class="ss-q-help" for="entry_2"></label>
<input type="text" name="entry.2.single" value="" class="ss-q-short" id="entry_2">
<br>
<input type="hidden" name="pageNumber" value="0">
<input type="hidden" name="backupCache" value="">
<input type="submit" name="submit" value="Submit">
<div class="password-warning">Never submit passwords through Google Forms.</div>
</form>
Important elements are marked in this screenshot:
Script to simulate a Google Form submission
Armed with the action URL and field names, we can code a function to programmatically submit a form, by modifying the example from the UrlFetch documentation:
// Simulate POST to form
function sendHttpPost() {
// Copy the entire URL from <form action>
var formAction = "https://docs.google.com/spreadsheet/formResponse?formkey=#FORMKEY#&ifq";
var payload = {
"entry.0.single": "Nelson", // First Name
"entry.1.single": "10", // No of users
"entry.2.single": "user#example.com" // Email ID
};
// Because payload is a JavaScript object, it will be interpreted as
// an HTML form. (We do not need to specify contentType; it will
// automatically default to either 'application/x-www-form-urlencoded'
// or 'multipart/form-data')
var options = {
"method": "post",
"payload": payload
};
var response = UrlFetchApp.fetch(formAction, options);
}
Result
Here's the result of the above script, a form response has been added to the spreadsheet.
Related
I am using summernote rich text editor, and I want to edit my posted data(stored in DB). I am sending the value to the text area and inputs but not showing into the text area and showing into the input. kindly share some solutions and suggestions with me. any jquery and js function like this...
here is rendered data to web page
route.get('/edit/:id', async (req, res) =>{
const id = req.params.id
const article = await Article.findById(id)
res.render('editarticle',{article:article})
})
and here is ejs or HTML
<%- include('header'); -%>
<div class="container-9">
<h2>Create Article Here</h2>
<hr>
<form action="/create/blog" method='post'>
<input type="text" name="title" id="" placeholder="Enter Title" value='<%=article.title%>'/>
<input type="text" name="description" id="dics" placeholder="Enter Description" value='<%=article.discription%>'/>
<hr>
<button id='btn-post' type="submit">Post</button>
<textarea name='content' id="body" rows="10" value="<%=article.content%>" ></textarea>
</form>
</div>
<%- include('footer'); -%>
I have solved this problem with help of one line of code. I have got the solution after 2 month
var value = $('#value').val()
console.log(value);
$('textarea#body').summernote('pasteHTML', value);
if want to render the HTML for edit this will work, var value = $('#value').val() it just receiving the value (HTML) from the backend and $('textarea#body').summernote('pasteHTML', value); this line of code pesting the HTML into summernote editor.
#tushar Very useful !!
I use it on summer note as like
Put Content in a div, and set it display none
<div id="contentDumpDiv" style="display:none;">
<?php echo $post['content'] ?>
</div>
then use this javascript code
var value = $('#contentDumpDiv').html();
$('textarea#saContent').summernote('pasteHTML', value);
I am trying to find a way to change the pop up HTML on a chrome extension to another one when you click a button. I have tried to make a onclick function href but nothing works. I am new to both HTML and chrome extensions so I am sorry if this problem seems easy to the more experience developers.
<form id="gform" method="POST" class="pure-form pure-form-stacked" data-email="from_email#example.com"
action="https://script.google.com/a/cvsd356.org/macros/s/AKfycbxb4ZyUUQCnTN-7iYF-YRViDSy/exec">
<div class="name">
name: <input type="text" name="Name" id= "inputbox"><br>
</div>
<div class="id">
ID# <input type="text" name= "ID" id= "inputbox"><br>
</div>
<div class="MailingAddress">
Mailing Address: <input type="text" name= "Mailing Adresss" id= "inputbox" style=width:350px;><br>
</div>
<div class="sendToTr">
Send Transcript to: <input type ="text" name="College" style=width:350px; id= "inputbox" ><br>
</div>
<div class="emailmy">
<label for="email"><em>Your</em> Email Address:</label>
<input id="inputbox" name="email" type="email" value=""
required placeholder="your.name#email.com" />
</div>
<div class="sButton">
<button style=height:30px;width:70px;border-radius: 3px; class="button-success pure-button button-xlarge">
send
</button>
</div>
I think there are quite a few ways to achieve what you are asking. If I were you, I would add a JavaScript file to my project to do this.
Step 1:
I would tell my HTML page where to find this JS file. The sample below can be included near the end of your HTML file, right before </body></html>. The sample below assumes your new popup.js file is in the root folder of your project:
<script src="popup.js" type="text/javascript"></script>
Step 2:
In the popup.js file, I would create a function that tells the popup how it should be modified. In the sample below, I'm going to hide the element with an ID of "theOldElement" and show the element with an ID of "theNewElement". I'm also going to attach this function to the click event of "theButton" element.
popup.js
function updatePopup(){
document.getElementById("theNewElement").style.display = "block";
document.getElementById("theOldElement").style.display = "none";
}
document.getElementById('theButton').addEventListener('click', updatePopup);
Step 3:
I like referring to my HTML elements by ID (as I've been doing above - note the "getElementById" references), so I would:
add id="theNewElement" to the element I want to reveal
add id="theOldElement" to the element I want to hide
add id="theButton" to the button that I want to trigger this change
Note: you can insert these IDs as the first attribute within the tag you want to identify. E.g., <div id="theNewElement" ...
I'm trying to create a blog site that has the ability to comment on a blog/article. I have the end point
app.get('/post/:slug', function(req, res) {
var _slug = req.params.slug;
var blog_post = _.findWhere(_DATA, { slug: _slug });
if (!blog_post) return res.render('404');
res.render('post', blog_post);
});
that handles the display of a blog/article using HandleBars. It retrieves a post from database _DATA and simply display it using the template post.handlebars. It right now does nothing else.
I would like to add the ability to comment on this article. I'm very new to web programming and don't know how to handle requests like that. Right now, my idea is to add
<article>
<form method="POST" action="/comment">
<div class="input-field">
<label>Comment:</label>
<textarea type="text" name="comment" rows="20" placeholder="What's on your mind?"></textarea>
</div>
<button type="submit">Add Comment</button>
</form>
</article>
to the bottom of my post.handlebars and add the end point app.post('/comment', function(req, res) {});
But this presents multiple problems, namely, how would I know which article I'm commenting on? In this new end-point, my req.body would contain nothing except the contents of the comment.
What is the proper way to handle this?
Put the ID of your article in the comment form as an hidden input. When you'll submit the form you'll get the article-id value.
I've used handlebar to place the article id in the form change the value of article.id according to your data.
<article>
<form method="POST" action="/comment">
<div class="input-field">
<label>Comment:</label>
<textarea type="text" name="comment" rows="20" placeholder="What's on your mind?"></textarea>
</div>
<input type="hidden" name="article-id" value="{{article.id}}">
<button type="submit">Add Comment</button>
</form>
</article>
I'm using Express.js and trying to get form data of a dropdown select element,
I tried with body-parser but what I get with eq.body.method_select is undefined.
I didn't find much info about how to do this on the web.
Here is my code html code:
<form action="url_analyse">
<div class="col-lg-6">
<div class="input-group">
<select class="custom-select mb-2 mr-sm-2 mb-sm-0" name="method_select" id="inlineFormCustomSelect">
<option value="5">Regular Search (Short)</option>
<option value="10">Intense Search (Long)</option>
<option value="20">Deep Search (Very Long)</option>
</select>
<input type="text" name="url_input" class="form-control" placeholder="Enter URL">
<span class="input-group-btn">
<button class="btn btn-secondary">Go!</button>
</span>
</div>
</div>
Here is my js code:
app.get('/url_analyse', function(req, res) {
console.log(req.body.method_select);
})
Hope you can help me with that.
Thank you.
There are two issues here:
You might want to explicitly add the leading forward slash: action="/url_analyse"
The default form submission HTTP method is GET, which means that form fields will be passed in the query string portion of the URL. This means you will instead need to access req.query to get at the form fields. You only need body-parser and req.body when you use POST and other methods (with the appropriate enctype) to submit your form.
I have a form that I am submitting using post. I can retrieve input values, however I also want to retrieve the class name or attribute of a div within a form.
html:
<form method='post' action='/formResult'>
<input type='text' name='someInput' />
<div class="stateAlpha" customAttr="alpha"></div> <!-- want 'alpha' -->
<button type="submit" class="btn btn-default">Submit</button>
</form>
node/express:
router.post('/formResult', function(req, res, next){
res.render('formResult', { someInput: req.body.someInput, someState: req.body.??? });
});
You'll need to intercept the submit event of the form, and put the class info into a hidden field. In pure JavaScript:
<form method='post' class='myForm' action='/formResult'>
<input type='text' name='someInput'>
<input type='hidden' name='state'>
<div class="stateAlpha" customAttr="alpha"></div>
<button type="submit" class="btn btn-default">Submit</button>
</form>
<script>
document.querySelector('.myForm').addEventListener('submit', function(evt) {
var alpha = evt.target.querySelector('[customAttr="alpha"]');
var hiddenState = evt.target.querySelector('[name="state"]');
hiddenState.value = alpha.classList.join(' ');
});
</script>
Note that I added a class to the form, and used that to select the form; that's because you may have more than one form on the page, and you want to select the right one. Also note that inside the submit listener, I don't use document as the base of my selection, but evt.target; that's because you might have elements with customAttr='alpha' elsewhere in your document.
Once I have the div with the class you want to identify, I get the hidden input element, and set it's value property to the div's class list (remember any element can have more than one class, so classList is an array, which I just join using spaces).
If you're using jQuery, it gets a little shorter:
<form method='post' class='myForm' action='/formResult'>
<input type='text' name='someInput'>
<input type='hidden' name='state'>
<div class="stateAlpha" customAttr="alpha"></div>
<button type="submit" class="btn btn-default">Submit</button>
</form>
<script>
$(document).ready(function() {
$('.myForm').on('submit', function() {
var $alpha = $(this).find('[customAttr="alpha"]');
$(this).find('[name="state"]')
.val($alpha.get(0).classList.join(' '));
});
});
</script>
The DOM is client-side and when you post the form only the values of the fields are posted, nothing else. To achieve what you are trying to do you can create a hidden field that stores the value of your class like this.
<input type="hidden" value="stateAlpha" name="myFieldName" />
This will then get sent in the form post.