I am using Drupal 6. In drupal how to avoid the user to copying the web page contents.How to disable it.
Thanks
Ultimately ... you can't.
Even if you try some fancy JavaScript or some fancy image over, etc., a user can just press Ctrl+A (select all) and then Ctrl+C (copy). There is a plethora of ways to get information from a web-site such as development environment (FireBug), alternative agents (wget/curl), or even using a browser not "protected" with the scheme.
Bottom line ... the only way to prevent someone from "keeping" that data is by not giving them access to begin with. Alternatively, make the user(s) sign an NDA/agreement and hire lawyers :-)
Happy doing productive things.
If all that is desired is prevent a "select" with a mouse, then an img-over may work. Alternatively, send back non-text (e.g. images containing the text) content and/or embed the content into Flash or another relatively controlled plug-in.
There is a java script code to disable the content copy.
I pasted that code into body of the page and set input format into php code.
<script type="text/javascript">
var donotconsidortag = ["input", "textarea", "select"]
donotconsidortag = donotconsidortag.join("|")
function unableToSelect(e) {
if (donotconsidortag.indexOf(e.target.tagName.toLowerCase()) == -1)
return false
}
function ableToSelect() {
return true
}
if (typeof document.onselectstart != "undefined")
document.onselectstart = new Function("return false")
else {
document.onmousedown = unableToSelect
document.onmouseup = ableToSelect
}
</script>
For the particular content type use " content template " module and past the above code in to content template's textarea.In this we can disable the content select option for whole content type(For ex:Page or Story)
<SCRIPT language=JavaScript>
var message = "function disabled";
function rtclickcheck(keyp){ if (navigator.appName == "Netscape" && keyp.which == 3){ alert(message); return false; }
if (navigator.appVersion.indexOf("MSIE") != -1 && event.button == 2) { alert(message); return false; } }
document.onmousedown = rtclickcheck;
</SCRIPT>
There is no way to prevent a determined user from accessing the content of your web page. Tools like firebug, and a plethora of screen capture software easily circumvent any such attempts.
To make it difficult for unsophisticated or lazy users, you could overlay a transparent 1x1 image over the top of the entire page, or content you are trying to protect.
<img src="transparent.png" style = "width:100%; height:100%;position:absolute;" />
Related
hi i'm having a problem with sharepoint web part
so i want to call message box everytime user input is wrong
so for example if user input password more than 15 than there will be message box that says"Password lenght max 15"
when i wrote
Messagebox.show("Password lenght max 15") it works fine,but if i try to fill password more than 15 than it return error that says sharepoint cannot support message box
so i'm wondering if there's a way to use message box in sharepoint
any help will be appreciated
FYI i put the Messagebox.show in my save button click
thank you
sorry if my english are bad
Message box is not supported in ASP.NET Application so similar in Sharepoint.
SharePoint Support MessageDialog.
SP.UI.ModalDialog.showModalDialog(options)
If you want to open through server side, then you need to create JS function and call it through C# or as below
hyperLink.NavigateUrl = "javascript:SP.UI.ModalDialog.ShowPopupDialog('" + url + "')";
You can send proper string as well using options.
This may be old post, but accepted answer does not work too good in Sharepoint 2013, at least for me. Instead, I have to use this script:
<script ID="callMyFunction">
function myFunction() {
var element = document.createElement('div');
element.innerHTML = 'Hello World, I am the dialog content';
var options = {}
options.title = "Name of dialog";
options.width = 400;
options.height = 300;
options.html = element;//MSDN states it should be string, which is wrong. This is supposed to be DOM element
SP.SOD.execute('sp.ui.dialog.js', 'SP.UI.ModalDialog.showModalDialog', options);//This starts function "showModalDialog" after loading "sp.ui.dialog.js", if it was not loaded yet.
}
</script>
and call it from my WebPart like this:
Page.ClientScript.RegisterStartupScript(this.GetType(), "callMyFunction", "myFunction()", true);
If you want to use Ali Murtaza answer, remember to load script below, as it seems to be not loaded by default:
<script type="text/javascript" src="_layouts/15/sp.ui.dialog.js"></script>
I have requirement where client wants to customize the items in quick launch for only certain
pages.So, I want to change the items in the quick launch with some other items for a few pages.(Not about cahnging the style of quick launch. Its about the replacingthe content in quick launch)
I hope using CEWP, I can achive this.But I am not much aware how to do it.
You can have two approachs here:
1) creating a webpart to replace the quicklaunch: This way you can read the Navigation from SPWeb, and build it your own.
2) Using jQuery to change the html loading the page. In this approach, I would apply a 'display:none' to quicklaunch, make the changes in html, and then 'display:block' back. The con in this solution is that you must rely on the names/titles/urls of the items, so if an admin changes, it could break it.
I had followed following steps to achive the goal
1.. Added a CEWP in the page
Created a text file with Following script and added it to shared dcouments
<script src="http://code.jquery.com/jquery-1.9.1.min.js"></script>
<script type="text/javascript">
function startClock(){
var div= document.getElementById('s4-leftpanel-content');
var spans= div.getElementsByTagName('span');
for (index = spans.length - 1; index >= 0; index--) {
spans[index].parentNode.removeChild(spans[index]);
}
var urls= div.getElementsByTagName('a');
for (index = urls.length - 1; index >= 0; index--) {
urls[index].parentNode.removeChild(urls[index]);
}
var pTag = document.createElement('p');
pTag.innerHTML = "HR Report";
div.appendChild(pTag);
var aTag = document.createElement('ul');
div.appendChild(aTag);
var newLi = document.createElement('li');
aTag.appendChild(newLi);
var a= document.createElement('a');
a.setAttribute('href',"url");
a.innerHTML = "report2";
newLi.appendChild(a);
//do onload work
}
if(window.addEventListener){
window.addEventListener('load',startClock,false); //W3C
}
else{
window.attachEvent('onload',startClock); //IE
}
</script>
enter code here
Paste the url text file in shared documents in CEWP as content link(Edit web part >>content link>>paste url)
Now, existing items in the Quick Launch is removed and new items are added
I have a page hosted in 'virtualcasa1' domain opening a modal dialog:
var options = {
title: "Repro",
width: 400,
height: 600,
url: http://domain2:999/sites/blank/_layouts/XDomainTest/XDomainTestTarget.aspx //[1]
//url: http://virtualcasa1/sites/blank/_layouts/XDomainTest/XDomainTestTarget.aspx [2]
};
SP.UI.ModalDialog.showModalDialog(options);
And I have this code to close it:
alert(document.domain);
SP.UI.ModalDialog.commonModalDialogClose(SP.UI.DialogResult.cancel, 'Cancelled clicked');
If both are in the same domain (case [2] above), the dialog closes well, no issues.
But - if target page hosted in the dialog (case [1] above), dialog does NOT close :-(
document.domain above shows the correct domain where page exists.
I suspect I'm facing a cross-domain issue here (duh), but how to fix it? Or am I wrong and issue is not XDomain-related?
Thanks much!
HTML5's postMessage is your answer.
https://developer.mozilla.org/en-US/docs/Web/API/Window.postMessage
Your parent window that initiates the dialog must have the following javascript:
function listener(event) {
//alert(event.data);
if (event.data == 'Cancel') {
SP.UI.ModalDialog.commonModalDialogClose(SP.UI.DialogResult.cancel, 'Cancel clicked');
}
else {
SP.UI.ModalDialog.commonModalDialogClose(SP.UI.DialogResult.OK, event.data);
}
}
if (window.addEventListener) {
addEventListener("message", listener, false)
} else {
attachEvent("onmessage", listener)
}
Javascript for OK and Cancel buttons in your popup:
<input type="button" value="OK" onclick="parent.postMessage('Message to be displayed by the parent', '*');" class="ms-ButtonHeightWidth" />
<input type="button" value="Cancel" onclick="parent.postMessage('Cancel', '*');" class="ms-ButtonHeightWidth" />
Ajay's answer from the 1st of August 2014 is good, but it needs a bit more explanation. The reason for the failure to close the dialog is simple. Cross site scripting security features of modern browsers disallow a few things, one of which is the use of window.frameElement from within the framed window. This is a read-only property on the window object and it becomes set to null (or with IE, it actually throws an exception when you try to access it). The ordinary Cancel event handlers in the modal dialog conclude with a call to window.frameElement.cancelPopup(). This will fail of course. The ordinary Save handler where the Save worked on the server side results in SharePoint sending back a single line as the replacement document, which is a scriptlet to call window.frameElement.commitPopup(). This also will not work, and it's a real pain to overcome because the page has been reloaded and there is no script available to handle anything. XSS won't give us access to the framed DOM from the calling page.
In order to make a cross domain hosted form work seamlessly, you need to add script to both the page that opens the dialog and the framed page. In the page that opens the dialog, you set the message listener as suggested by Ajay. In the framed form page, you need something like below:
(function() {
$(document).ready(function() {
var frameElement = null;
// Try/catch to overcome IE Access Denied exception on window.frameElement
try {
frameElement = window.frameElement;
} catch (Exception) {}
// Determine that the page is hosted in a dialog from a different domain
if (window.parent && !frameElement) {
// Set the correct height for #s4-workspace
var frameHeight = $(window).height();
var ribbonHeight = $('#s4-ribbonrow').height();
$('#s4-workspace').height(frameHeight - ribbonHeight);
// Finds the Save and Cancel buttons and hijacks the onclick
function applyClickHandlers(theDocument) {
$(theDocument).find('input[value="Cancel"]').removeAttr('onclick').on('click', doTheClose);
$(theDocument).find('a[id="Ribbon.ListForm.Edit.Commit.Cancel-Large"]').removeAttr('onclick').removeAttr('href').on('click', doTheClose);
$(theDocument).find('input[value="Save"]').removeAttr('onclick').on('click', doTheCommit);
$(theDocument).find('a[id="Ribbon.ListForm.Edit.Commit.Publish-Large"]').removeAttr('onclick').removeAttr('href').on('click', doTheCommit);
}
// Function to perform onclick for Cancel
function doTheClose(evt) {
evt.preventDefault();
parent.postMessage('Cancel', '*');
}
// Function to perform onclick for Save
function doTheCommit(evt) {
evt.preventDefault();
if (!PreSaveItem()) return false;
var targetName = $('input[value="Save"]').attr('name');
var oldOnSubmit = WebForm_OnSubmit;
WebForm_OnSubmit = function() {
var retVal = oldOnSubmit.call(this);
if (retVal) {
var theForm = $('#aspnetForm');
// not sure whether following line is needed,
// but doesn't hurt
$('#__EVENTTARGET').val(targetName);
var formData = new FormData(theForm[0]);
$.ajax(
{
url: theForm.attr('action'),
data: formData,
cache: false,
contentType: false,
processData: false,
method: 'POST',
type: 'POST', // For jQuery < 1.9
success: function(data, status, transport) {
console.log(arguments);
// hijack the response if it's just script to
// commit the popup (which will break)
if (data.startsWith('<script') &&
data.indexOf('.commitPopup()') > -1)
{
parent.postMessage('OK', '*');
return;
}
// popup not being committed, so actually
// submit the form and replace the page.
theForm.submit();
}
}).fail(function() {
console.log('Ajax post failed.');
console.log(arguments);
});
}
return false;
}
WebForm_DoPostBackWithOptions(
new WebForm_PostBackOptions(targetName,
"",
true,
"",
"",
false,
true)
);
WebForm_OnSubmit = oldOnSubmit;
}
applyClickHandlers(document);
}
});
})();
This solution makes use of the jQuery library, which our organization uses extensively. It is our preferred framework (chosen by me). I'm sure someone very clever could rewrite this without that dependency, but this is a good starting point. I hope someone finds it useful, as it represents a good two days work. Some things to note:
SharePoint does a postback on all sorts of events on the page, including putting the page into edit mode. Because of this, it makes more sense to trap the specific button clicks, both on the form and in the ribbon, rather than wholesale redefinition of, for example, the global WebForm_OnSubmit function. We briefly override that on a Save click and then set it back.
On any Save click event, we defeat the normal posting of the form and replace that with an identical POST request using AJAX. This allows us to discard the returned scriptlet when the form was successfully posted. When the form submission was not successful, perhaps because of blank required values, we just post the form properly to allow the page to be updated. This is fine, since the form will not have been processed. An earlier version of this solution took the resulting HTML document and replaced all of the page contents, but Internet Explorer doesn't like this.
The FormData api allows us to post the form as multipart-mime. This api has at least basic support in all modern browsers, and there are workarounds for older ones.
Another thing that seems to fail in the cross domain hosted dialog is the scrolling of the content window. For whatever reason, the height is not set correctly on the div with id s4-workspace, so we also set that in the solution.
EDIT:
Almost forgot. You may also need to add this control to your framed ASPX page, which can be done with SharePoint Designer:
<WebPartPages:AllowFraming runat="server"/>
I have exactly the same issue - a dialog opening a view page for an item works fine when opened from a site collection on the same web app/domain, but the Close button fails to work when opening the same item from a site collection hosted in a separate web application. I'm assuming it is a cross-domain thing so I've altered the solution to accomodate this restriction, however, I'm not 100% happy about it as it does make the overall solution a little awkward to use from a user-perspective. I've put the issue to one side for now due to project timescales, but I'm still curious as to why. The only things I can think of is the whole cross-domain thing causing it and that maybe it is there by design to prevent XSS security holes.
I have a problem with the sharepoint lists. I need to change the OK button to display as Submit. Anyone has any ideas how to do that?
Thanks,
Jason
1) In your URL box, after NewForm.aspx (or EditForm.aspx,) add this text: ?toolpaneview=2
Your url should look like "http://mysite.com/mylist/NewForm.aspx?toolpaneview=2"
2) Hit enter. The page will open in Shared editing mode. Choose "Add a Web Part" anywhere on the page.
3) Add a Content Editor Web Part. In the Text Source of the Content Editor Web Part, paste the following code:
<script type="text/javascript">
function changeOKButtons()
{
var inputs = document.getElementsByTagName("input");
for(i = 0; i<inputs.length; i++)
{
if(inputs[i].type == "button" && inputs[i].value == "OK")
inputs[i].value = "Submit";
}
}
_spBodyOnLoadFunctionNames.push("changeOKButtons");
</script>
If you can, use the jQuery equivalent of zincorp's code:
function changeButton()
{
$("input").each(function() {
if ($(this).attr("value") === "ButtonName") {
$(this).attr("value", "NewButtonName");
}
});
}
And if you have jQuery 1.6 or greater, use "prop" instead of "attr".
I need to disable specific keys (Ctrl and Backspace) in Internet Explorer 6. Is there a registry hack to do this. It has to be IE6. Thanks.
Long Edit:
#apandit: Whoops. I need to more specific about the backspace thing. When I say disable backspace, I mean disable the ability for Backspace to mimic the Back browser button. In IE, pressing Backspace when the focus is not in a text entry field is equivalent to pressing Back (browsing to the previous page).
As for the Ctrl key. There are some pages which have links which create new IE windows. I have the popup blocker turned on, which block this. But, Ctrl clicking result in the new window being launched.
This is for a kiosk application, which is currently a web based application. Clients do not have the funds at this time to make their site kiosk friendly. Things like URL filtering and disabling the URL entry field is already done.
Thanks.
For what purpose do you need this? Because disabling the backspace would be hell for typing urls or emails, etc.
We could recommend other workarounds if we knew the problem better.
EDIT 1:
This website seems to have some information as to how it's done. I can't verify it currently, but I'll look into it:
http://www.ozzu.com/programming-forum/disable-key-and-back-t44867.html
Edit 2:
This website has some key codes:
http://www.advscheduler.com/docs/manual/type_sendkeys.html
It seems BACKSPACE is 08.
EDIT 3:
Found some more code for blocking, check this out:
<script type="text/javascript">var sType = "keypress";</script>
<!--[if IE]>
<script type="text/javascript">sType = "keydown";</script>
<![endif]-->
<script type="text/javascript">
fIntercept = function(e) {
// alert(e.keyCode);
e = e || event.e;
if (e.keyCode == 116) {
// When F5 is pressed
fCancel(e);
} else if (e.ctrlKey && (e.keyCode == 0 || e.keyCode == 82)) {
// When ctrl is pressed with R
fCancel(e);
}
};
fCancel = function(e) {
if (e.preventDefault) {
e.stopPropagation();
e.preventDefault();
} else {
e.keyCode = 0;
e.returnValue = false;
e.cancelBubble = true;
}
return false;
};
fAddEvent = function(obj, type, fn) {
if (obj.addEventListener) {
obj.addEventListener(type, fn, false);
} else {
obj['e'+type+fn] = fn;
obj[type+fn] = function() {
obj['e'+type+fn](window.event);
}
obj.attachEvent('on'+type, obj[type+fn]);
}
};
fAddEvent(document, sType, fIntercept);
</script>
Ok, now you should have all you need to do it. To disable backspace, the keycode is 08. You can probably just use the code I posted with slight modifications only... :\
Try it out and see if it's what you needed. (I hope you know how to use Javascript.)
You can't do it from a web page. One of the main purposes of a web browser is to protect users from the internet. They define a very specific set of things that web sites can do, and disabling buttons isn't in the list.
On the other hand, if you're a network admin and just want to mess with your users, you might be able to do it via some desktop software. But I wouldn't hold my breath.
I'm using this jQuery solution (tested on ie6 and firefox 3.6):
$(document).keydown(function(e) {
var tag = e.target.tagName;
var ro = e.target.readOnly;
var type = e.target.type;
var tags = {
INPUT : '',
TEXTAREA : ''
};
if (e.keyCode == 8) {// backspace
if (!(tag in tags && !ro && /text/.test(type))) {
e.stopPropagation();
e.preventDefault();
}
}
});
hope it helps someone