How can I access the same Session object from both PHP and JavaScript

hi, thanks for your time.

After the user is logged into a web application, his user ID, e-mail etc are added to the session variable with JavaScript. I would like to access these session variables using PHP as well.  

I tried this:
In my TEST.ASP page:
<%@LANGUAGE="JAVASCRIPT" CODEPAGE="1252"%>
<%
Session("Testing") = "Hi daar";
%>
.
.
.
<body>
<form method="post" action="UserView.php">

<% Response.Write('JS Testing = ' + Session("Testing")); %><br>
<% Response.Write('PHP abc = ');  %> <? php session_start(); print $_SESSION["abc"]; ?>  <br>
<% Response.Write('PHP abc 2 = ' + Session("abc")) %><br>

<input type="submit" value="submit">

</form>
</body>

In my UserView.PHP file:
<?php
      session_start();
      $_SESSION['abc'] = 'jou klein rakker';
?>
<body>
<form method="post" action="test.asp">
<?
      
      echo 'JS Testing  ' . $_SESSION["Testing"] . '<br>';
      echo 'PHP abc  ' . $_SESSION["abc"] . '<br>';
      echo 'PHP abc 2 ';  ?> <%@LANGUAGE="JAVASCRIPT" Response.write(Session('abc'); %> <? echo '<br>';
?>

<input type="submit" value="submit">
</form>
</body>

Am I going about this the right way?

I thought this could work as well.  After the user logged in, I redirect to a php page that would accept those values are parameters in the URL, store it in the session, and redirect to the page the Login.asp would go to e.g. Index.asp.  Could this work? I'd prefer the first option.


Thanks

LVL 1
ruanlab123Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

smaccariCommented:
Looks like there is something weird in all of this.
You are mlixing in one single page two server side technologies - ASP and PHP.
You simply can't do that, as the PHP code won't be parsed by the ASP engine (and ASP won't be parsed by the PHP engine).
0
ruanlab123Author Commented:
yeah, I guess it's a bit crazy.  I'm not used to this web development.  The application world is so much easier.
0
Ashley BryantSenior Software EngineerCommented:
Honestly, it's not that different from the application world anymore.  You can't build an application using VB, C, and Java all in one assembly can you?

You CAN inject a session variable into Javascript in either ASP or PHP during the page build.  However, you cannot pass session values between ASP and PHP.  Well, ok, you COULD do this if you wanted to generate an external file, or save the session variables in a database somehow, but hoenstly that would be way more trouble than it is worth.

Anyway...  Here's how you can get your asp or php variables to show up in a javascript function:

In ASP:

<script language="javascript">
function blah {
     document.write('"& Session("VariableName") &"');
}
</script>

In PHP:

<script language="javascript">
function blah {
     document.write('<?php echo $_SESSION['VariableName']; ?>');
}
</script>

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Cloud Class® Course: Microsoft Windows 7 Basic

This introductory course to Windows 7 environment will teach you about working with the Windows operating system. You will learn about basic functions including start menu; the desktop; managing files, folders, and libraries.

Ashley BryantSenior Software EngineerCommented:
oh woops... I did the ASP part wrong.

document.write('<%= Session("VariableName") %>');
0
smaccariCommented:
Yes, Ashley, you're right, but in the question, the Javascript used is not client side but server side.
And in this case, you simply can not mix it with PHP (Javascript is the ASP language in this case).
0
Ashley BryantSenior Software EngineerCommented:
Ahhh....yes.  I didn't bother looking at the language attribute he used for the ASP because, quite frankly, I never see anyone use anything other than VB Script.  That aside, I think we both made it fairly clear that you can't have the session variables bouncing around between the different formats.
0
ruanlab123Author Commented:
I thought I'd give this a try and it worked.  Well, thus far.

After the user is logged in a bunch of variables are stored in the session object (using JavaScript).  After all the session variables are added, I redirect to a PHP page that accepts the user id, name etc. as parameters via the URL.  The php page then adds these variables to a PHP session object, redirect the the index page and whoala.  The ASP and PHP session objects are set.



0
smaccariCommented:
That is a way you can achieve this, yes.
But take care of one thing: as the session values are passed to your PHP through URL parameters (either get or post), that means that anyone could initialize a PHP session with any values only by using an url (that is without passing by your ASP pages).
That can be a security problem.
By the way, why do you want to mix 2 server side technologies? Can't you do your application with only one?
0
Ashley BryantSenior Software EngineerCommented:
Yeah, I totally disagree with that approach as well.  It's not secure in the slightest.  You'll leave yourself wide open for injection attacks that way.  If it's just an intranet thing, you might be okay, but it's still not a good practice to do what you're doing.  Pick one language and stick with it. There's more than enough people on EE to answer all of your questions.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Languages and Standards

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.