Wednesday November 19th, 2014 Chris Underwood
Prevent Double Submits
Disable Form Buttons on Submit
Sometimes a web server may be slow to responsd from a form submit, thus giving a user the opportunity and motive to press the button again. Rarely does this produce good results, so I use this technique to prevent the situation.
When any submit button is pressed the entire page is covered with a translucent <DIV> that slightly dims the content and prevents any of the on-screen controls from being touched during the wait for a server response. Simple, clean and effective.
Note that it does rely on JQUERY, so do take care to put a reference to this in your page header <SCRIPT> area.
Place this piece of <STYLE> in your page, I typically have it in my page header function:
<style>
.FreezePaneOff {
visibility: hidden;
display: none;
position: absolute;
top: -100px;
left: -100px;
}
.FreezePaneOn {
position: absolute;
top: 0px;
left: 0px;
visibility: visible;
display: block;
width: 100%;
height: 100%;
z-index: 999;
filter:alpha(opacity=15);
-moz-opacity: 0.25;
padding-top: 20%;
background: rgb(110, 110, 110);
background: rgba(110, 110, 110, .2);
}
</style>
Place this <DIV> and <SCRIPT> after all of your page output, I typically make it the last thing in my page footer function:
<div align="center" id="FreezePane" class="FreezePaneOff"></div>
<script type="text/javascript">
$('input:submit').click(function FreezeScreen(){
scroll(0,0);
var outerPane = document.getElementById("FreezePane");
if (outerPane) outerPane.className = "FreezePaneOn";
})
</script>
This technique performs well in virtually every browser and in situations ranging from an instant response to a long delay.
Wednesday November 19th, 2014 Terry Riegel
Force HTTPS
Requiring HTTPS on all pages
How To require that all pages be served with HTTPS instead of HTTP. The best way is to prevent any and all HTTP requests. This may not be possible and would require configuring your HTTP server to reject any requests on port 80.
You can however make sure that all of your HTML/OS pages stop delivery of anything not requested over HTTPS.
First edit your htmlos.conf file and look for a line with ServiceType in it
ServiceType https
Next, you will need to protect any potential point of entry, like /system/login.html and /system/rs.html also on any startlinks you might have. Make sure all of these pages have this snip of code at the top of them. Your code might look something like this…
<<
if getenv('HTTPS')='ERROR' then
# Force HTTPS /#
goto 'https://'+domainname+getenv('REQUEST_URI')
/if
>>
Placing that little snip of code at the start of all your HTML/OS pages will prevent them from being delivered over HTTP.
To verify your code is working take any page and change the https://... to http://... and load it. If it loads over HTTP then you have a problem and need to make sure you have the conditional on the page.
To protect /system/rs.html and /system/login.html do the following
First copy /system/rs.html to /system/rsAESTIVA.html and /system/login.html to /system/loginAESTIVA.html
Next create a new /system/rs.html and add the following code to it...
<<
if getenv('HTTPS')='ERROR' then
# Force HTTPS /#
goto 'https://'+domainname+getenv('REQUEST_URI')
/if
goto '/system/rs.html'
>>
And lastly Next create a new /system/login.html and add the following code to it...
<<
if getenv('HTTPS')='ERROR' then
# Force HTTPS /#
goto 'https://'+domainname+getenv('REQUEST_URI')
/if
goto '/system/login.html'
>>
Wednesday November 19th, 2014 Terry Riegel
UTC Time
How to get UTC+0 / GMT
This seems like a very simple question with a simple answer.
NOW
A simple use of NOW will only return the time and date portion of what the underlying server is reporting. For example if you were to type date from the command line on your server you would get something like this...
$ date
Wed Nov 19 11:18:56 PST 2014
And then if you run NOW in your html/os code you get something like this...
11/19/2014 11:18
Notice the timezone is no where to be seen. And to complicate things if you use the Aestiva Control Panel to modify your time to say add 120 minutes to the server time then the Aestiva Time will return...
11/19/2014 13:18
And once again the concept of which timezone this represents is lost.
Thankfully newer versions of HTML/OS include a nice function called UTCOFFSET(now) in the example listed above UTCOFFSET(now) would return -0800, but it would return that regardless of any time modifications you might have made with the time control panel.
So in order to get the UTC+0 time on your server you can use the function ADDMINUTES() to subtract the UTCOFFSET times 60 but then you will also have to subtract the minutes offset you may have entered into your Time Control Panel.
Here is a function that encapsulates these two arithmetic operations to give you the true UTC+0 or GMT date and time.
function nowUTC() locals u,s,timeconf do
copy file="/system/conf/time.conf" ts=',' to timeconf /copy
if timeconf[1,1]='ERROR' then timeconf[1,1]=0 /if
if timeconf[1,1]='' then timeconf[1,1]=0 /if
u=utcoffset(now)
s=left(u,1)
u=middle(u,2,3)
u=u+0
if s='-' then u=u*-1 /if
return addminutes(now,(u*-60)-timeconf[1,1]) /return
/function
Let me know in the comments if this works for you and if not why.