0

I am trying to set a session variable in a php script and get the variable in a javaScript.

In the php program I put an echo command to see if the variable is generated. Nothing happens.

In the javascript I try to write the variable to the screen and I see nothing. If I put single quotes around the get command I just get a display of that command.

php:

$full_name = $_POST['Full_Name']; // required
$names = explode(" ", $full_name);
$_SESSION['myvar'] = $names[0];
echo ($names[0]);

javascript:

<script type="text/javascript">
var name = @Session["myvar"];
document.write(name);
</script>
Félix Adriyel Gagnon-Grenier
  • 8,422
  • 10
  • 52
  • 65
rickzipser
  • 149
  • 1
  • 1
  • 7

3 Answers3

0

Writing JavaScript with PHP...hmmm...as a programmer that has inherited code where other programmers did this...Please don't. It's hard to see what's going on when you start mixing languages together.

As to your actual problem...generally, you put stuff into the Session that you want to keep "secret", or stuff that you have already properly secured, like the User's ID value of who is logged in so that when they go to the next page, you see the User ID in a session and you trust that data because it came from your server rather than the user. POST, GET, and COOKIE data is insecure, so you don't trust what the user is sending you.

In any case, for stuff that you want to be accessible to both PHP AND Javascript, if you're not using web services, I would suggest using cookies might be the better practice.

setcookie('FirstName',$_SESSION['myvar']);

http://php.net/manual/en/function.setcookie.php

Admittedly, getting cookie values with JavaScript is a pain in itself, but people have already written the code for you, so it shouldn't be as painful:

Get cookie by name

function getCookie(name) {
    var value = "; " + document.cookie;
    var parts = value.split("; " + name + "=");
    if (parts.length == 2) return parts.pop().split(";").shift();
}

var name = getCookie('FirstName');

[EDIT] I would also say that the other poster's answer, putting it into a data-attribute within the HTML, is also a good practice and more clear than writing to JS directly.

<body data-first-name="<?php echo htmlspecialchars($firstName) ?>">
Community
  • 1
  • 1
Kevin Nelson
  • 7,613
  • 4
  • 31
  • 42
0

Direct use of PHP in a JS-script is really not useful if you want to make it scalable.

Use it like this

myprintoutscript.js

function writeOnDocument(name){
    document.write(name);
}

In most cases it is better to call a js-function from the outside with a variable (in your case the session)

index.php

<script>
    //referencing to function in myPrintOutScript.js
    writeOnDocument("<?= $_SESSION['myvar'] ?>");
</script>

Or readout a html data-attribute, for example a body

index.php

<body data-session-name="<?= $_SESSION['myvar'] ?>">

and call it from a script:

windowIsLoadedScript.js

var body = document.getElementsByTagName("BODY")[0],
    name = body.getAttribute("data-session-name");

 //referencing to function in myPrintOutScript.js
 writeOnDocument(name);

The more you keep things separated, the easier it is to make your building blocks stack on to each other.

Drifter
  • 281
  • 1
  • 9
-1

write session_start(); at the starting of the php file. then catch the variable into js like this. 

<script type="text/javascript">
    var name ="<?php echo $_SESSION['myvar'];?>";
    document.write(name);
   </script>
Tanjima Tani
  • 580
  • 4
  • 18
  • That's going to blow up JavaScript without quotes unless the value is guaranteed to be an integer/bool/etc. Do `var name = ""` – Kevin Nelson Feb 20 '15 at 16:24