Monday, 20 June 2016

Get the current URL via JavaScript and change url to short

Example if url is like this : 
http://localhost:8080/someapplication/?token=sUyJhbGciiOiJIUzI1NiJ9.eyJleHAiOjE0NjYxNzIxNTIs1NiJ9.eyJleHAiOjE0NjYInN1YiI6ImthZ2FtaS1hdXRoLXRpY2tldCIsImlzcyI6ImFkbWluIiwicm9sZSI6ImFkbWluIn0.d50P0r2dyeB-XyOG7I-daRp2Pu1OzaBxwisS4Et_rYI&service=auth#/somepage

and output URL to be : http://localhost:8080/someapplication/#/somepage

working code through javascript below : 

/*URL change start*/
if (history.pushState) {
    var newurl = window.location.protocol + "//" + window.location.host + window.location.pathname + '?token=/';
    window.history.pushState({path:newurl},'',newurl);
}
$(window).bind('hashchange', function() {
/* url change code here */
if (window.location.search.match("?token=")){
     var newHash = "/" + window.location.search;
var newHash = "/" ;
     if (window.history.replaceState){
       window.history.replaceState( {}, "", window.location.toString().replace(window.location.search, ""));
     }     
   }
});
function hashHandler(){
    this.oldHash = window.location.hash;
    this.Check;
    var that = this;
    var detect = function(){
        if(that.oldHash!=window.location.hash){
            //alert("HASH CHANGED - new has" + window.location.hash);
            that.oldHash = window.location.hash;
        }
    };
    this.Check = setInterval(function(){ detect() }, 100);
}
var hashDetection = new hashHandler();
/*URL change end*/

-----------------------------------------------------------------------------------------------------------------------------

JavaScript provides you many methods to retrieve and change the current URL which is displayed in browser's address bar. All these methods uses the Location object, which is a property of the Window object. You can create a new Location object that has the current URL as follows:
var currentLocation = window.location;
Basic Structure of a URL
<protocol>//<hostname>:<port>/<pathname><search><hash>
Basic structure of a URL
  1. Protocol -- Specifies the protocol name be used to access the resource on the Internet. (HTTP (without SSL) or HTTPS (with SSL))
  2. hostname -- Host name specifies the host that owns the resource. For example, www.stackoverflow.com. A server provides services using the name of the host.
  3. port -- A port number used to recognize a specific process to which an Internet or other network message is to be forwarded when it arrives at a server.
  4. pathname -- The path gives info about the specific resource within the host that the Web client wants to access. For example, /index.html.
  5. query -- A query string follows the path component, and provides a string of information that the resource can utilize for some purpose (for example, as parameters for a search or as data to be processed).
  6. hash -- The anchor portion of a URL, includes the hash sign (#).
With these Location object properties you can access all of these URL components
  1. hash - Sets or returns the anchor portion of a URL.
  2. host - Sets or returns the hostname and port of a URL.
  3. hostname - Sets or returns the hostname of a URL.
  4. href - Sets or returns the entire URL.
  5. pathname - Sets or returns the path name of a URL.
  6. port - Sets or returns the port number the server uses for a URL.
  7. protocol - Sets or returns the protocol of a URL.
  8. search - Sets or returns the query portion of a URL


Hope it helps you.......




Saturday, 11 June 2016

unique text color to multiple rows in javascript

for(var i=0;i<10;i++){
  var x = ".itemborder" + i;
  var color='#'+Math.random().toString(16).substr(2,6);
  $(x).css("border-color", color );     
}

output : rgb(023, 230, 111)

Sunday, 28 February 2016

Cross Site Request Forgery in JS Web Apps

Ensuring that attackers don’t forge requests in your web applications can be a tricky businesses, one that often requires a hand-rolled solution.
As soon as you have a session, you need to start thinking about cross site request forgery (CSRF). Every request to your site will contain authentication cookies, and HTML forms don’t abide by the same origin policy (SOP).
One method of ensuring that destructive requests (PUTs/POSTs/DELETEs) to your site are made from your domain, is by only allowing requests with aContent-Type header of application/json. The only way to set this header is via Ajax, and Ajax requests are limited to the same domain.
However, there have been active vectors in the past that have allowed header injection (such as some of the Flash exploits), and Egor, who is the expert in these things, assures me it’s not enough.
The classic method of preventing CSRF attacks is via a token that you pass with every destructive request. The idea is that attackers can’t get hold of this token (because of the SOP), and thus can’t forge requests.
If you’re using Rails, you get this for free. If you’re using Rack, than Rack CSRF is your best bet. It’ll deal with generating tokens and checking requests. The only part you have to handle is on the client side.
jQuery has a neat feature called ajaxPrefilter, which lets you provide a callback to be invoked every Ajax request. You can pass a CSRF token to the client side via, say, a meta tag. Then set a header using ajaxPrefilter.
var CSRF_HEADER = 'X-CSRF-Token';

var setCSRFToken = function(securityToken) {
  jQuery.ajaxPrefilter(function(options, _, xhr) {
    if ( !xhr.crossDomain ) 
        xhr.setRequestHeader(CSRF_HEADER, securityToken);
  });
};

setCSRFToken($('meta[name="csrf-token"]').attr('content'));
In the example above we’re retrieving our CSRF token from a meta tag in the page. Then we’re ensuring that any local Ajax requests forward the token as part of the request’s header.

site ref : http://blog.alexmaccaw.com/jswebapps-csrf#kudo

Wednesday, 11 November 2015

php get the last row with MySQL

If you want the last 10 then just change ASC to DESC

SELECT * 
FROM 
chat 
WHERE 
(userID=$session AND toID=$friendID) 
OR 
(userID=$friendID AND toID=$session) 
ORDER BY id 
DESC
LIMIT 10
SELECT * FROM chat WHERE (userID=$session AND toID=$friendID) OR (userID=$friendID AND toID=$session) ORDER BY id DESC LIMIT 10

Sunday, 27 September 2015

A Simple HTML Login page using JavaScript with count

Enter Username : test
Enter Password : test
ENTER USER NAME
ENTER PASSWORD



code here :

 <script type = "text/javascript">

// Note: Like all Javascript password scripts, this is hopelessly insecure as the user can see
//the valid usernames/passwords and the redirect url simply with View Source.
// And the user can obtain another three tries simply by refreshing the page.
//So do not use for anything serious!

var count = 2;
function validate() {
var un = document.myform.username.value;
var pw = document.myform.pword.value;
var valid = false;

var unArray = ["test", "test1"];  // as many as you like - no comma after final entry
var pwArray = ["test", "test1"];  // the corresponding passwords;

for (var i=0; i <unArray.length; i++) {
if ((un == unArray[i]) && (pw == pwArray[i])) {
valid = true;
break;
}
}

if (valid) {
alert ("Login was successful");
window.location = "view.php";
return false;
}

var t = " tries";
if (count == 1) {t = " try"}

if (count >= 1) {
alert ("Invalid username and/or password.  You have " + count + t + " left.");
document.myform.username.value = "";
document.myform.pword.value = "";
setTimeout("document.myform.username.focus()", 25);
setTimeout("document.myform.username.select()", 25);
count --;
}

else {
alert ("Still incorrect! You have no more tries left!");
document.myform.username.value = "No more tries allowed!";
document.myform.pword.value = "";
document.myform.username.disabled = true;
document.myform.pword.disabled = true;
return false;
}

}

</script>
<p>Enter Username : test </p>
<p>Enter Password : test </p>
<form name = "myform">
<p>ENTER USER NAME <input type="text" name="username"> </p>
<p>ENTER PASSWORD <input type="password" name="pword">
<p><input type="button" value="Check In" name="Submit" onclick= "validate()"></p>

</form><br/><br/>

Thursday, 13 August 2015

Tab example with pure javascript to show and hide tab content

Example on show hide button pure javascript



example


<!DOCTYPE html>
<html>

<head>
<meta charset='UTF-8'>
<title>example</title>

 <style type="text/css">
 #page-wrap { width: 100%; background: #ccc; }
.breadcrumbs { margin: 0; padding: 0; }
.breadcrumbs li { float: left; list-style: none; margin: 5px 10px; padding:10px; background-color: #2396D0; }
.breadcrumbs li a { text-decoration: none; color: white; }
.showhidediv { padding: 0; background: #2396D0; width: 100%;  }
.showhidedivC { padding: 10px 0; }
 </style>

</head>

<body>


<div id="page-wrap">


<div class="">
<ul class="breadcrumbs">

<li class="nobg"><input type="button" value="1 button" onclick="show('div1')"/></li>
<li class="nobg"><input type="button" value="2 button" onclick="show('div2')"/></li>
<li class="nobg"><input type="button" value="3 button" onclick="show('div3')"/></li>
<li class="nobg"><input type="button" value="4 button" onclick="show('div4')"/></li>

</ul>
</div>
<div style="clear:both;"></div>

<div class="showhidediv">

<div class="showhidedivC" id="div1" style="display:none;">
111111111111
<input type="button" value="button1" />
<input type="button" value="button1" />
<input type="button" value="button1" />
<input type="button" value="button1" />
<input type="button" value="button1" />
<input type="button" value="button1" />
</div>
<div class="showhidedivC" id="div2" style="display:none;">
22222222222222222
<input type="button" value="button1" />
<input type="button" value="button1" />
<input type="button" value="button1" />
<input type="button" value="button1" />
<input type="button" value="button1" />
<input type="button" value="button1" />
</div>
<div class="showhidedivC" id="div3" style="display:none;">
333333333333333
<input type="button" value="button1" />
<input type="button" value="button1" />
<input type="button" value="button1" />
<input type="button" value="button1" />
<input type="button" value="button1" />
<input type="button" value="button1" />
</div>
<div class="showhidedivC" id="div4" style="display:none;">
44444444444444444444
<input type="button" value="button1" />
<input type="button" value="button1" />
<input type="button" value="button1" />
<input type="button" value="button1" />
<input type="button" value="button1" />
<input type="button" value="button1" />
</div>


</div>

</div>


<script>
for (i=1; i<5;i++){

    var currentDiv = document.getElementById("div"+i);
 
    function show(divID) {
        var div = document.getElementById(divID);

        currentDiv.style.display = "none";
        div.style.display = "block";

        currentDiv = div;
    }
    i++;

    }

</script>

</body>

</html>


Tuesday, 11 August 2015

AngularJS User Registration and Login Example

AngularJS User Registration and Login Example Reference took from http://jasonwatmore.com/post/2015/03/10/AngularJS-User-Registration-and-Login-Example.aspx Plunker link example : http://embed.plnkr.co/Mvrte4/preview AngularJS User Registration and Login Example Building on from a previous article I posted on how to implement Basic HTTP Authentication with AngularJS, in this post I've extended that example to include a simple user registration form. The project is available on GitHub at https://github.com/cornflourblue/angular-registration-login-example The example uses HTML5 local storage for storing the users so I could show it working without a back end, however the project also contains a user service built to interact with a RESTful web service. To switch from local storage to the web service implementation just update which script is embedded in the index.html file, note that for this to work you also need to create the RESTful web service for managing users :) AngularJS Project Structure I've based a lot of the project and code structure on recommendations from John Papa's style guide with my own tweaks here and there, for example I've placed application config and routes within the app.js file rather than separate files because there isn't much code in either section, these could be split out later if the sections grow. I'm also trying out placing application services and content in folders prefixed with 'app-' to prevent having a name clash if I need to add a section to my app called 'services' or 'content', it also has the added benefit of grouping all the 'non-gui' code together at the top of the folders. Here's what the project structure looks like: app-content app.css app-services authentication.service.js flash.service.js user.service.js user.service.local-storage.js home home.controller.js home.view.html login login.controller.js login.view.html register register.controller.js register.view.html app.js index.html Below I've included brief descriptions of the main files that have to do with user registration and authentication, all the files are available at the github project linked at the top of the post. AngularJS Authentication Service Back to top The authentication service contains methods for authenticating a user, setting credentials and clearing credentials from the HTTP "Authorization" headers used by the AngularJS $http service, so effectively logging in and out. The example uses dummy authentication in order to show the example working on plunker without a back end, but real authentication can be setup by following the comments in the Login function. ? 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 (function () { 'use strict'; angular .module('app') .factory('AuthenticationService', AuthenticationService); AuthenticationService.$inject = ['$http', '$cookieStore', '$rootScope', '$timeout', 'UserService']; function AuthenticationService($http, $cookieStore, $rootScope, $timeout, UserService) { var service = {}; service.Login = Login; service.SetCredentials = SetCredentials; service.ClearCredentials = ClearCredentials; return service; function Login(username, password, callback) { /* Dummy authentication for testing, uses $timeout to simulate api call ----------------------------------------------*/ $timeout(function () { var response; UserService.GetByUsername(username) .then(function (user) { if (user !== null && user.password === password) { response = { success: true }; } else { response = { success: false, message: 'Username or password is incorrect' }; } callback(response); }); }, 1000); /* Use this for real authentication ----------------------------------------------*/ //$http.post('/api/authenticate', { username: username, password: password }) // .success(function (response) { // callback(response); // }); } function SetCredentials(username, password) { var authdata = Base64.encode(username + ':' + password); $rootScope.globals = { currentUser: { username: username, authdata: authdata } }; $http.defaults.headers.common['Authorization'] = 'Basic ' + authdata; // jshint ignore:line $cookieStore.put('globals', $rootScope.globals); } function ClearCredentials() { $rootScope.globals = {}; $cookieStore.remove('globals'); $http.defaults.headers.common.Authorization = 'Basic '; } } // Base64 encoding service used by AuthenticationService var Base64 = { keyStr: 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=', encode: function (input) { var output = ""; var chr1, chr2, chr3 = ""; var enc1, enc2, enc3, enc4 = ""; var i = 0; do { chr1 = input.charCodeAt(i++); chr2 = input.charCodeAt(i++); chr3 = input.charCodeAt(i++); enc1 = chr1 >> 2; enc2 = ((chr1 & 3) << 4) | (chr2 >> 4); enc3 = ((chr2 & 15) << 2) | (chr3 >> 6); enc4 = chr3 & 63; if (isNaN(chr2)) { enc3 = enc4 = 64; } else if (isNaN(chr3)) { enc4 = 64; } output = output + this.keyStr.charAt(enc1) + this.keyStr.charAt(enc2) + this.keyStr.charAt(enc3) + this.keyStr.charAt(enc4); chr1 = chr2 = chr3 = ""; enc1 = enc2 = enc3 = enc4 = ""; } while (i < input.length); return output; }, decode: function (input) { var output = ""; var chr1, chr2, chr3 = ""; var enc1, enc2, enc3, enc4 = ""; var i = 0; // remove all characters that are not A-Z, a-z, 0-9, +, /, or = var base64test = /[^A-Za-z0-9\+\/\=]/g; if (base64test.exec(input)) { window.alert("There were invalid base64 characters in the input text.\n" + "Valid base64 characters are A-Z, a-z, 0-9, '+', '/',and '='\n" + "Expect errors in decoding."); } input = input.replace(/[^A-Za-z0-9\+\/\=]/g, ""); do { enc1 = this.keyStr.indexOf(input.charAt(i++)); enc2 = this.keyStr.indexOf(input.charAt(i++)); enc3 = this.keyStr.indexOf(input.charAt(i++)); enc4 = this.keyStr.indexOf(input.charAt(i++)); chr1 = (enc1 << 2) | (enc2 >> 4); chr2 = ((enc2 & 15) << 4) | (enc3 >> 2); chr3 = ((enc3 & 3) << 6) | enc4; output = output + String.fromCharCode(chr1); if (enc3 != 64) { output = output + String.fromCharCode(chr2); } if (enc4 != 64) { output = output + String.fromCharCode(chr3); } chr1 = chr2 = chr3 = ""; enc1 = enc2 = enc3 = enc4 = ""; } while (i < input.length); return output; } }; })(); AngularJS User Service Back to top A user service designed to interact with a RESTful web service to manage users within the system. ? 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 (function () { 'use strict'; angular .module('app') .factory('UserService', UserService); UserService.$inject = ['$http']; function UserService($http) { var service = {}; service.GetAll = GetAll; service.GetById = GetById; service.GetByUsername = GetByUsername; service.Create = Create; service.Update = Update; service.Delete = Delete; return service; function GetAll() { return $http.get('/api/users').then(handleSuccess, handleError('Error getting all users')); } function GetById(id) { return $http.get('/api/users/' + id).then(handleSuccess, handleError('Error getting user by id')); } function GetByUsername(username) { return $http.get('/api/users/' + username).then(handleSuccess, handleError('Error getting user by username')); } function Create(user) { return $http.post('/api/users', user).then(handleSuccess, handleError('Error creating user')); } function Update(user) { return $http.put('/api/users/' + user.id, user).then(handleSuccess, handleError('Error updating user')); } function Delete(id) { return $http.delete('/api/users/' + id).then(handleSuccess, handleError('Error deleting user')); } // private functions function handleSuccess(data) { return data; } function handleError(error) { return function () { return { success: false, message: error }; }; } } })(); AngularJS Fake User Service (Local Storage) Back to top A fake user service that stores users in local storage in the browser, it mimics the behaviour of the real user service by returning promises and using $timeout. When creating a user, the service checks if a username is already taken and returns an error message, in a real implementation using a web service this action would be performed on the server. To switch between using this fake user service and the real one above update the scripts section at the bottom of the index.html file. ? 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 (function () { 'use strict'; angular .module('app') .factory('UserService', UserService); UserService.$inject = ['$timeout', '$filter', '$q']; function UserService($timeout, $filter, $q) { var service = {}; service.GetAll = GetAll; service.GetById = GetById; service.GetByUsername = GetByUsername; service.Create = Create; service.Update = Update; service.Delete = Delete; return service; function GetAll() { var deferred = $q.defer(); deferred.resolve(getUsers()); return deferred.promise; } function GetById(id) { var deferred = $q.defer(); var filtered = $filter('filter')(getUsers(), { id: id }); var user = filtered.length ? filtered[0] : null; deferred.resolve(user); return deferred.promise; } function GetByUsername(username) { var deferred = $q.defer(); var filtered = $filter('filter')(getUsers(), { username: username }); var user = filtered.length ? filtered[0] : null; deferred.resolve(user); return deferred.promise; } function Create(user) { var deferred = $q.defer(); // simulate api call with $timeout $timeout(function () { GetByUsername(user.username) .then(function (duplicateUser) { if (duplicateUser !== null) { deferred.resolve({ success: false, message: 'Username "' + user.username + '" is already taken' }); } else { var users = getUsers(); // assign id var lastUser = users[users.length - 1] || { id: 0 }; user.id = lastUser.id + 1; // save to local storage users.push(user); setUsers(users); deferred.resolve({ success: true }); } }); }, 1000); return deferred.promise; } function Update(user) { var deferred = $q.defer(); var users = getUsers(); for (var i = 0; i < users.length; i++) { if (users[i].id === user.id) { users[i] = user; break; } } setUsers(users); deferred.resolve(); return deferred.promise; } function Delete(id) { var deferred = $q.defer(); var users = getUsers(); for (var i = 0; i < users.length; i++) { var user = users[i]; if (user.id === id) { users.splice(i, 1); break; } } setUsers(users); deferred.resolve(); return deferred.promise; } // private functions function getUsers() { if(!localStorage.users){ localStorage.users = JSON.stringify([]); } return JSON.parse(localStorage.users); } function setUsers(users) { localStorage.users = JSON.stringify(users); } } })(); AngularJS Login Controller Back to top The Login Controller clears the user credentials on load which logs the user out if they were logged in. The login function exposed by the controller calls the Authentication Service to authenticate the username and password entered into the view. ? 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 (function () { 'use strict'; angular .module('app') .controller('LoginController', LoginController); LoginController.$inject = ['$location', 'AuthenticationService', 'FlashService']; function LoginController($location, AuthenticationService, FlashService) { var vm = this; vm.login = login; (function initController() { // reset login status AuthenticationService.ClearCredentials(); })(); function login() { vm.dataLoading = true; AuthenticationService.Login(vm.username, vm.password, function (response) { if (response.success) { AuthenticationService.SetCredentials(vm.username, vm.password); $location.path('/'); } else { FlashService.Error(response.message); vm.dataLoading = false; } }); }; } })(); AngularJS Login View Back to top The Login View contains a small form with the usual fields for username and password, and some validation directives and messages. ? 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21

Login

{{vm.error}}
Username is required
Password is required
Register
AngularJS Register Controller Back to top The Register Controller exposes a single register method which is called from the register view when the form is submitted. The register method then calls the UserService.Create method to save the new user. ? 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 (function () { 'use strict'; angular .module('app') .controller('RegisterController', RegisterController); RegisterController.$inject = ['UserService', '$location', '$rootScope', 'FlashService']; function RegisterController(UserService, $location, $rootScope, FlashService) { var vm = this; vm.register = register; function register() { vm.dataLoading = true; UserService.Create(vm.user) .then(function (response) { if (response.success) { FlashService.Success('Registration successful', true); $location.path('/login'); } else { FlashService.Error(response.message); vm.dataLoading = false; } }); } } })(); AngularJS Register View Back to top The Register View contains just a few fields for user data and some directives for validation. ? 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

Register

{{vm.error}}
First name is required
Last name is required
Username is required
Password is required
Cancel
AngularJS App.js Back to top The part of this file related to authentication is in the run function, when the app starts it checks if there's a cookie containing user credentials meaning the user has already logged in, this is to keep the user logged in after a page refresh. On each location change there's a check to verify that the user is logged in if trying to access a restricted page, if not they're redirected to the login page. ? 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 (function () { 'use strict'; angular .module('app', ['ngRoute', 'ngCookies']) .config(config) .run(run); config.$inject = ['$routeProvider', '$locationProvider']; function config($routeProvider, $locationProvider) { $routeProvider .when('/', { controller: 'HomeController', templateUrl: 'home/home.view.html', controllerAs: 'vm' }) .when('/login', { controller: 'LoginController', templateUrl: 'login/login.view.html', controllerAs: 'vm' }) .when('/register', { controller: 'RegisterController', templateUrl: 'register/register.view.html', controllerAs: 'vm' }) .otherwise({ redirectTo: '/login' }); } run.$inject = ['$rootScope', '$location', '$cookieStore', '$http']; function run($rootScope, $location, $cookieStore, $http) { // keep user logged in after page refresh $rootScope.globals = $cookieStore.get('globals') || {}; if ($rootScope.globals.currentUser) { $http.defaults.headers.common['Authorization'] = 'Basic ' + $rootScope.globals.currentUser.authdata; // jshint ignore:line } $rootScope.$on('$locationChangeStart', function (event, next, current) { // redirect to login page if not logged in and trying to access a restricted page var restrictedPage = $.inArray($location.path(), ['/login', '/register']) === -1; var loggedIn = $rootScope.globals.currentUser; if (restrictedPage && !loggedIn) { $location.path('/login'); } }); } })();