Scripts & HTML Fields in TOWeb

Page 23 of 29

The source code of your web pages can not be deleted or changed as TOWeb automatically generates or regenerates all your web pages. But you if you have some HTML code or scripts inside you can had them to your topics using TOWeb HTML Script Fields. Depending on your needs you may also Use a TOWeb Text Fields. Both types of scripts can have additional files.

You can insert or edit TOWeb fields when editing a paragraph using the field button but also create or manage all your scripts from the "Settings > HTML" step.

Script Fields

The example of %DATE% for the current date in JavaScript.
1) From the Fields' Editor create a new field by clicking on the Add the new field
2) Its default name is NEW_FIELD. Rename it to DATE
3) Set the Field Type to "HTML Script"
4) In the Script Field Content replace the default script with a copy/paste of the following lines of JavaScript source code :

var d = new Date(); ;
document.write(d.getMonth() + 1);
document.close() ;

5) Inside one of your topic add the following text :
The current date is : %DATE%
6) Generate and you should see, instead of %DATE% the current date displayed on your web page.

This simple script is just a small example of a JavaScript code displaying the current date. You may create or copy/paste more complex scripts containing HTML, Javascript, PHP, applets, etc.
If you need to use additional files in the topic for your script (like for instance images, videos or applets) you can add them to the list of additional files.

Where and how to add your Scripts ?

  • if your script (CSS, Javascript, ...) has to be placed into the <head> section of your page, you can do that from the "head" button located in the SEO properties of your topic (or from TOWeb step "Options > Security & HTML > HEAD" if you want that your script to be applied to all pages of your site)
  • if your script (PHP and/or JavaScript) has to be added inside the page content and before the </body> tag then just add your TOWeb script field inside the last paragraph of your topic (or inside the page footer if you want your script to be applied to all pages of your site)  
  • if your JavaScript requires to be called only when the page is fully loaded (eg for JQuery functions if you use this library) then you need to declare a function named onTOWebPageLoaded in which you will copy / paste your code (the name of this function is case sensitive). Below is a small script example that changes the link upon click on the logo of your site to redirect to the Google site intead of going to your home page:

onTOWebPageLoaded function () {
$('#logo').click( function() { window.location = ""; return(false); } );
</ script>

PHP scripts
If you want to include a PHP script you need to use the Script Field as previously described but also have rename the topic file name with the file extension ".php". By default TOWeb gives to your topic an "Automatic" page name base on the topic title whith ".html" extension. To set or change a topic filename, just go to the "Topic settings" and inside the Search engine optimization type your filename with its filename extension before to press the check button aside.

Text Fields

The example of %ADDRESS%

1) From the Fields' Editor create a new field by clicking on Add the new field
2) Its default name is NEW_FIELD. Rename it to ADDRESS
3) Set the Field Type to Text
4) In the Text Field Content replace the default text ("Enter your field text here") by your full address. You may enter it on several lines like for instance :
911 Easy street
94043, Mountain View, CA
5) Click on the OK button and save your changes.

Now you have created a field ADDRESS containing your address. Every time you will need to use your address in a paragraph of your topics, simply type %ADDRESS% (with % at the beginning and at the name) or insert it where you want with a right-clicking and by selecting ADDRESS from the popup menu.
Then generate your website and this %ADDRESS% will be replace by the address you entered in all the web pages where you use it.

This example uses an email address but you may use text fields for any other purposes and text content you need (a copyright notice, the name of your company, a phone number, your slogan, etc). In fact any text information (short or long) that you may use at different places in your web site but do not want to update every time every where.

Predefined fields

If you want to place links pointing to the page of your site that contains your privacy policy, you can use the %TW-PRIVACY% field inside your texts.
If you use a introduction/agreement page on your site you can use the %TW-SITE-AGREEMENT% field.
In an e-Commerce site, the acceptance text of the sales conditions (modifiable from "Options> Languages > Translate predefined texts > Shopping cart management") can use the %TW-TOS% field to create a link to your Terms of Sales.

Risks and tips when integrating third-party scripts into your site

TOWeb allows you to add scripts to your site by using the HTML script fields. But unless you have knowledge of web programming and have developed your own scripts, you will probably use third-party services from another site. And if this is when there can be a big danger, not only for you and your website but also for all your visitors!!!

A classic example, the "scam" of web counters

Very popular before the 2000s, web counters have since fallen out of use for more than a decade. All webmasters or web professionals know this but not beginners, which can make you the ideal victim of a scam because such  "so-called free and innocuous" service 

  1. often hides and includes malicious features like for example the appearance of unwanted messages or advertisements on your site, 
  2. or the spying of all the people who visit your site, or other malicious actions without their knowledge 
  3. and even the installation of virus/malware on your web server.

How to do things well

Before integrating a third-party service into your site, it is important to read the conditions of use of the service you intend to add to your site and search the internet for some user reviews. This will allow you:

  1. avoid the majority of unwanted surprises that you may not have even considered,
  2. determine the possible cookies and other data collected by this service that you will report to the level of the privacy policy page of your site to comply with the GDPR,
  3. and in a general way but also for the previous example about "web counters", rather prefer the use of services much more powerful and well known by choosing first those your host provider may offers (if ever they provided web tools/scripts you can use on your account/web server) or by using Google Analytics or other competing alternatives already famous that will bring you much more useful for the SEO of your site thanks to the numerous information and statistics, like for example to know how long the Internet users remain on your homepage (and any other pages), where they come from before viisting your site, or obtain more information on the profile of your visitors (country, age, men/women, ....).

How to proceed if you already used a malicious script

If you have used third-party scripts and notice the presence of completely abnormal behavior of your site when visiting it on the internet (such as the appearance of messages or unwanted advertisements) then:

  1. Browse through all the topics on your site in order to find and remove all the %SCRIPT% fields that you added to various places and then publish your site entirely. This will verify and confirm that the problem you have comes from there (if it is not the case then you will be able to put them all back and you will have to contact your host for more explanations on the problem you notice.
  2. If the problem disappears from your site after removing all your third-party scripts then add your script fields again in your pages but only 1 by 1 and republishing your site each time to identify which ones are problematic/undesirable. Remember also to delete the temporary internet files from your web browser after each new publication of your site to be sure that your web browser does not reuse pages/scripts stored in its cache.
  3. Then contact the company or website responsible for the service (or services) you used to ask them for explanations (without forgetting to re-read the conditions of use of their service).
  4. If applicable, depending on the answers (or non-responses) of the third-party services that you have used, report the possible fraudulent practice to the authorities that you consider advisable, such as for example certain government agencies/institutions of your country, user forums, antivirus/malware editors, ...
  5. Make sure you have an up-to-date antivirus to eradicate any spyware and/or malware from your computer before republishing your site.
  6. Contact your host provider to ensure that absolutly no virus/malware/spyware/trojans has been installed on your account or seb server.