0

In my website www.theprinterdepo.com, you can view the page source, I have a code that my seo consulting suggested me to move to an external file.

Its an ecommerce site built on magento. ITs a free open source tool, so I did not developed it, I just installed it.

I need to know what the code does.

window.HDUSeed='c7025284683262a8eb81056c48968d74';
window.HDUSeedIntId = setInterval(function(){
    if (document.observe) {
        document.observe('dom:loaded', function(){
            for (var i = 0; i < document.forms.length; i++) {
                if (document.forms[i].getAttribute('action') &&  document.forms[i].getAttribute('action').match('contacts/index/post')) {
                    var el = document.createElement('input');
                    el.type = ('hidden');
                    el.name = 'hdu_seed';
                    el.value = window.HDUSeed;
                    document.forms[i].appendChild(el);
                }
            }
        });
        clearInterval(window.HDUSeedIntId)
    }
}, 100);
Luis Valencia
  • 32,619
  • 93
  • 286
  • 506
  • you are very rude, moderators like you should not be here. – Luis Valencia Jun 09 '12 at 13:12
  • I gave you helpful advice in the original comments, and you gave insults in return. You made it clear that you only wanted to know if you could remove a script from your site, a question that no one could reasonably answer, making this question too localized, and really off topic. I'm guessing you took my original advice, and moved the script to an external file. And still you continue to insult me. That's too bad. It's very childish behavior. I've helped many people here, freely giving much time. Have you? –  Jun 09 '12 at 13:52

4 Answers4

6

In Brief

This script calls a function at an interval of every 100ms or so (as it's not guaranteed) to try to verify for the DOM's load status to add a hook on it.

If loaded, it then processes all the forms present in the page, looking for one with an "action" attribute (usually to submit it someplace, here contacts/index/post).

To all such forms found, it adds a new hidden input element containing "seed" value, but we cannot tell you what it is used for without knowing more about the codebase.

Detailed Code Review

// seed value, purpose unknown
window.HDUSeed='c7025284683262a8eb81056c48968d74';

// invoke this function every 100ms
//   see: https://developer.mozilla.org/en/DOM/window.setInterval
window.HDUSeedIntId = setInterval(function(){
    // checks if document.observe method exists (added by the Prototype
    // JavaScript library, so we use this here to check its presence or
    // that it's been already loaded)
    if (document.observe) {
        // hook on load status (when the page's DOM has finished loading)
        //   see: http://www.prototypejs.org/api/document/observe
        document.observe('dom:loaded', function(){
            // process all forms contained within the page's context
            //   see: https://developer.mozilla.org/en/DOM/document.forms
            for (var i = 0; i < document.forms.length; i++) {
                // only act on forms with the 'contacts/index/post/' action attribute
                //   see: https://developer.mozilla.org/en/DOM/document.forms
                //   and: https://developer.mozilla.org/en/JavaScript/Reference/Global_Objects/String/match
                if (document.forms[i].getAttribute('action') && 
                    document.forms[i].getAttribute('action').match('contacts/index/post')) {
                    // create an element...
                    //   see: https://developer.mozilla.org/en/DOM/document.createElement
                    var el = document.createElement('input');
                    el.type = ('hidden');              // ... that is hidden
                    el.name = 'hdu_seed';              // w/ name 'hdu_seed'
                    el.value = window.HDUSeed;         // and the seed value
                    document.forms[i].appendChild(el); // and add it to the end of the form
                }
            }
        });
        // Remove the interval to not call this stub again,
        // as you've done what you want.
        // To do this, you call clearInterval with the ID of the
        // interval callback you created earlier.
        //   see: https://developer.mozilla.org/en/DOM/window.clearInterval
        clearInterval(window.HDUSeedIntId)
    }
}, 100); // 100ms
Community
  • 1
  • 1
haylem
  • 22,460
  • 3
  • 67
  • 96
  • Can't really say what the HDUSeed is used for here, you may want to dive into the code base of os commerce then. Might just be a random number generated server-side and injected in the page, and that is then used to identify something when communication with the web forms. – haylem Jun 06 '12 at 19:01
  • I also cannot really tell whether it's safe to remove or not. Usually, I'd be wary to remove something that generates or uses unique identifiers in a codebase without knowing what it does :) – haylem Jun 06 '12 at 19:04
  • Also, danp's anti-spam assumption seems fairly possible. Could indeed be a server-side generated number that then needs to be added back to the form calls to ensure that we'in presence of a user with a browser supporting JS, which bots usually don't (well, or didn't use to...). – haylem Jun 06 '12 at 19:06
  • but I guess to put it in an external file should be fine – Luis Valencia Jun 06 '12 at 19:08
  • @LuisEValencia: probably, yes. – haylem Jun 06 '12 at 19:11
  • 1
    +1 for putting a lot of effort into a code explanation, even when OP really doesn't care about any of it. –  Jun 06 '12 at 19:14
  • 2
    @amnotiam: Thanks. i just think the OP is a guy on a job who needs an answer quickly, and who's not that familiar with SO etiquette (or how to ask questions in a manner that encourages them to be answered). I think pretty much everybody does this mistake at first and will outgrow it (maybe I'm just a hopeless romantic, here). – haylem Jun 06 '12 at 19:21
  • You're far more gracious than I. After 137 questions and 15 answers, I'd figure OP would know a little better. But even that doesn't bother me so much as receiving insults in return for helpful, albeit direct, comments/criticism. ...To your new comment under the question, thanks. `:)` –  Jun 06 '12 at 19:29
  • 1
    @amnotiam: damned, hadn't realize his reputation was already this high. Yeah, well, like I said: no (real) harm done. It's the end of the day, I get lenient. – haylem Jun 06 '12 at 19:30
2

Looks like some sort of claification to an external thing. By this I mean services like Google Analytics. Remember if you are using any third party services for your website. If not I would recommend you delete it and see what happens. If it makes trouble or something, just restore the code back in your document.

Jason Stackhouse
  • 1,796
  • 2
  • 18
  • 19
  • Not sure why you think that would relate to something "external", as the action seems to refer to an internal document (could be assumed that the server then uses the ID to contact something external itself, but then again, a lot of things could be assumed). I don't really know OS Commerce though. – haylem Jun 06 '12 at 19:15
  • I noticed that it had this code `window.HDUSeed='c7025284683262a8eb81056c48968d74';` and it got me thinking about if it were some third party systems. c7025284683262a8eb81056c48968d74 looked like a long code to identify his website. That was my theory. – Jason Stackhouse Jun 06 '12 at 20:14
2

The code looks for a form whose action is contacts/index/post and attempts to add a hidden field called 'hdu_seed'. It looks like an anti-spam measure, probably the server expects to receive this and if it doesn't exist, ignores it. This way, robots who aren't using javascript will not have this field included and probably the form will fail.

edit: it's actually not that complex at all.

danp
  • 14,876
  • 6
  • 42
  • 48
0

Without know what the setInterval, clearInterval, and observe function do here is a rough outline of the logic

Call setInterval with a function and the integer 100 The function checks to see if the observe function has been loaded in this document If it has then it calls the observe function with the dom:loaded parameter and a function and calls the clearInterval function, otherwise it does nothing

The inner function loops over every form in the document. The loop checks the form for the action attribute. If it exists and contains the string contacts/index/post then it creates a hidden input element with the name of hdu_seed and a value of window.HDUSeed It then appends this element to the form.

Kodi
  • 767
  • 7
  • 20