How can I access the same Session object from both PHP and JavaScript
hi, thanks for your time.
After the user is logged into a web application, his user ID, e-mail etc are added to the session variable with JavaScript. I would like to access these session variables using PHP as well.
I tried this:
In my TEST.ASP page:
<%@LANGUAGE="JAVASCRIPT" CODEPAGE="1252"%>
<%
Session("Testing") = "Hi daar";
%>
.
.
.
<body>
<form method="post" action="UserView.php">
<% Response.Write('JS Testing = ' + Session("Testing")); %><br>
<% Response.Write('PHP abc = '); %> <? php session_start(); print $_SESSION["abc"]; ?> <br>
<% Response.Write('PHP abc 2 = ' + Session("abc")) %><br>
<input type="submit" value="submit">
</form>
</body>
In my UserView.PHP file:
<?php
session_start();
$_SESSION['abc'] = 'jou klein rakker';
?>
<body>
<form method="post" action="test.asp">
<?
echo 'JS Testing ' . $_SESSION["Testing"] . '<br>';
echo 'PHP abc ' . $_SESSION["abc"] . '<br>';
echo 'PHP abc 2 '; ?> <%@LANGUAGE="JAVASCRIPT" Response.write(Session('ab
?>
<input type="submit" value="submit">
</form>
</body>
Am I going about this the right way?
I thought this could work as well. After the user logged in, I redirect to a php page that would accept those values are parameters in the URL, store it in the session, and redirect to the page the Login.asp would go to e.g. Index.asp. Could this work? I'd prefer the first option.
Thanks
After the user is logged into a web application, his user ID, e-mail etc are added to the session variable with JavaScript. I would like to access these session variables using PHP as well.
I tried this:
In my TEST.ASP page:
<%@LANGUAGE="JAVASCRIPT" CODEPAGE="1252"%>
<%
Session("Testing") = "Hi daar";
%>
.
.
.
<body>
<form method="post" action="UserView.php">
<% Response.Write('JS Testing = ' + Session("Testing")); %><br>
<% Response.Write('PHP abc = '); %> <? php session_start(); print $_SESSION["abc"]; ?> <br>
<% Response.Write('PHP abc 2 = ' + Session("abc")) %><br>
<input type="submit" value="submit">
</form>
</body>
In my UserView.PHP file:
<?php
session_start();
$_SESSION['abc'] = 'jou klein rakker';
?>
<body>
<form method="post" action="test.asp">
<?
echo 'JS Testing ' . $_SESSION["Testing"] . '<br>';
echo 'PHP abc ' . $_SESSION["abc"] . '<br>';
echo 'PHP abc 2 '; ?> <%@LANGUAGE="JAVASCRIPT" Response.write(Session('ab
?>
<input type="submit" value="submit">
</form>
</body>
Am I going about this the right way?
I thought this could work as well. After the user logged in, I redirect to a php page that would accept those values are parameters in the URL, store it in the session, and redirect to the page the Login.asp would go to e.g. Index.asp. Could this work? I'd prefer the first option.
Thanks
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
oh woops... I did the ASP part wrong.
document.write('<%= Session("VariableName") %>');
document.write('<%= Session("VariableName") %>');
Yes, Ashley, you're right, but in the question, the Javascript used is not client side but server side.
And in this case, you simply can not mix it with PHP (Javascript is the ASP language in this case).
And in this case, you simply can not mix it with PHP (Javascript is the ASP language in this case).
Ahhh....yes. I didn't bother looking at the language attribute he used for the ASP because, quite frankly, I never see anyone use anything other than VB Script. That aside, I think we both made it fairly clear that you can't have the session variables bouncing around between the different formats.
ASKER
I thought I'd give this a try and it worked. Well, thus far.
After the user is logged in a bunch of variables are stored in the session object (using JavaScript). After all the session variables are added, I redirect to a PHP page that accepts the user id, name etc. as parameters via the URL. The php page then adds these variables to a PHP session object, redirect the the index page and whoala. The ASP and PHP session objects are set.
After the user is logged in a bunch of variables are stored in the session object (using JavaScript). After all the session variables are added, I redirect to a PHP page that accepts the user id, name etc. as parameters via the URL. The php page then adds these variables to a PHP session object, redirect the the index page and whoala. The ASP and PHP session objects are set.
That is a way you can achieve this, yes.
But take care of one thing: as the session values are passed to your PHP through URL parameters (either get or post), that means that anyone could initialize a PHP session with any values only by using an url (that is without passing by your ASP pages).
That can be a security problem.
By the way, why do you want to mix 2 server side technologies? Can't you do your application with only one?
But take care of one thing: as the session values are passed to your PHP through URL parameters (either get or post), that means that anyone could initialize a PHP session with any values only by using an url (that is without passing by your ASP pages).
That can be a security problem.
By the way, why do you want to mix 2 server side technologies? Can't you do your application with only one?
Yeah, I totally disagree with that approach as well. It's not secure in the slightest. You'll leave yourself wide open for injection attacks that way. If it's just an intranet thing, you might be okay, but it's still not a good practice to do what you're doing. Pick one language and stick with it. There's more than enough people on EE to answer all of your questions.
ASKER