ciqala
12-22-2002, 12:29 AM
I have a dvd forum and when i create a post about a release i include a cover picture and a link to amazon.com
I now want to use the "buy it from amazon" buttons which creates an amazon style image and when its clicked you can add to your amazon cart instantly and carry on looking at the forum or go to checkout.
the problem is they give you a piece of javascript to insert and I understand putting the ability to post executable javascript in a post is a big big security no no.
the only apparent solution would be to add a new field to the page where you create your post which only appears for admins
you can then post the code into the fiels and have it appear in the top of the postbit or wherever you want.
it would need to be database driven so that it could store the code but my programming knowledge sadly only includes if...endif and include() when it comes to php. plus i'm not sure if it would be better to create a new table to store the info or if you should add it to the end of one of the other tables...
anyways i think this is a hack that would be very useful for a multitude of reasons not limited only to amazon buttons it would allow the admins to use any <script> code they wanted without fear of the users being able to do the same.
here is an example of the code i need to include...
<script language="JavaScript">
function popUp(URL,NAME) {
amznwin=window.open(URL,NAME,'location=yes,scrollb ars=yes,status=yes,toolbar=yes,resizable=yes,width =380,height=450,screenX=10,screenY=10,top=10,left= 10');
amznwin.focus();}
document.open();
document.write("<a href=javascript:popUp('http://buybox.amazon.com/exec/obidos/redirect?tag=hiphopdvds-20&link_code=xsc&creative=23424&camp=2025&path=/dt/assoc/tg/aa/xml/assoc/-/B00005JKCH/hiphopdvds-20/ref=ac_bb5_,_amazon')><img src=http://rcm-images.amazon.com/images/G/01/associates/remote-buy-box/buy5.gif border=0 alt='Buy from Amazon.com' ></a>");
document.close();
</script>
<noscript>
<form method="POST" action="http://buybox.amazon.com/o/dt/assoc/handle-buy-box=B00005JKCH">
<input type="hidden" name="asin.B00005JKCH" value="1">
<input type="hidden" name="tag-value" value="hiphopdvds-20">
<input type="hidden" name="tag_value" value="hiphopdvds-20">
<input type="image" name="submit.add-to-cart" value="Buy from Amazon.com" border="0" alt="Buy from Amazon.com" src="http://rcm-images.amazon.com/images/G/01/associates/add-to-cart.gif">
</form>
</noscript>
if someone can do this or provide me with a similiar hack that i could use for guidance it would be very much appreciated.
Cheers
Ciq
I now want to use the "buy it from amazon" buttons which creates an amazon style image and when its clicked you can add to your amazon cart instantly and carry on looking at the forum or go to checkout.
the problem is they give you a piece of javascript to insert and I understand putting the ability to post executable javascript in a post is a big big security no no.
the only apparent solution would be to add a new field to the page where you create your post which only appears for admins
you can then post the code into the fiels and have it appear in the top of the postbit or wherever you want.
it would need to be database driven so that it could store the code but my programming knowledge sadly only includes if...endif and include() when it comes to php. plus i'm not sure if it would be better to create a new table to store the info or if you should add it to the end of one of the other tables...
anyways i think this is a hack that would be very useful for a multitude of reasons not limited only to amazon buttons it would allow the admins to use any <script> code they wanted without fear of the users being able to do the same.
here is an example of the code i need to include...
<script language="JavaScript">
function popUp(URL,NAME) {
amznwin=window.open(URL,NAME,'location=yes,scrollb ars=yes,status=yes,toolbar=yes,resizable=yes,width =380,height=450,screenX=10,screenY=10,top=10,left= 10');
amznwin.focus();}
document.open();
document.write("<a href=javascript:popUp('http://buybox.amazon.com/exec/obidos/redirect?tag=hiphopdvds-20&link_code=xsc&creative=23424&camp=2025&path=/dt/assoc/tg/aa/xml/assoc/-/B00005JKCH/hiphopdvds-20/ref=ac_bb5_,_amazon')><img src=http://rcm-images.amazon.com/images/G/01/associates/remote-buy-box/buy5.gif border=0 alt='Buy from Amazon.com' ></a>");
document.close();
</script>
<noscript>
<form method="POST" action="http://buybox.amazon.com/o/dt/assoc/handle-buy-box=B00005JKCH">
<input type="hidden" name="asin.B00005JKCH" value="1">
<input type="hidden" name="tag-value" value="hiphopdvds-20">
<input type="hidden" name="tag_value" value="hiphopdvds-20">
<input type="image" name="submit.add-to-cart" value="Buy from Amazon.com" border="0" alt="Buy from Amazon.com" src="http://rcm-images.amazon.com/images/G/01/associates/add-to-cart.gif">
</form>
</noscript>
if someone can do this or provide me with a similiar hack that i could use for guidance it would be very much appreciated.
Cheers
Ciq