0

At the top of the page, Before the html tag, I have this

<?php

    session_start();
    $str = "f=6&t=3&e=1&view=unread#unread";
    $_SESSION['params'] = $str;

?>

Inside the HTML in the head section I have this:

<script>
window.onload = function()
{
     var url = "http://beleuramyhome.org.au/phpBB3/viewtopic.php?"; 
     var args = "<?php echo $_SESSION['params'] ?>";
     url += args; 

     alert(url);
}
</script>

But what I get is this , Why?

http://beleuramyhome.org.au/phpBB3/viewtopic.php?<?php echo 
$_SESSION['params'] ?>

Instead of the combined strings?

Alex Evans
  • 3
  • 7
  • 2
    Thanks because you HTML file doesn't parse PHP codes. What is your HTML file extension? – AliN11 May 31 '18 at 06:34
  • You cannot move your javascript with php code inside to a *.js file, or else the php code won't be parsed. Also, keep an eye out for XSS vulnerabilities. – Adrian Baginski May 31 '18 at 06:42

1 Answers1

1

If your $_SESSION['params'] is an array then you need to implode it and then use the urlencode() PHP function to encode it

urlencode(implode('&', $_SESSION['params']))

else just use urlencode() PHP function to encode your string

urlencode($_SESSION['params'])

I you still don't get required output, first check what type of data, or if any data, $_SESSION['params'] returns.

Hope this helps.

Vasile Florin Vilsan
  • 315
  • 1
  • 3
  • 9
  • it is clear that session is not array ! `$str = "f=6&t=3&e=1&view=unread#unread";` – noder May 31 '18 at 06:43
  • Thanks for the comments, It is fixed - my page .php of course was corrupt, when I created a new page it all works as expected – Alex Evans Jun 01 '18 at 23:02