0

Possible Duplicate:
Access PHP variable in JavaScript

I'm currently working on a countdown timer for a quiz. However, the admin can set a quiz at different time intervals like 15, 30, 45, 60 mins. I used this as a php variable and for the countdown I'm using a JavaScript. The problem I'm facing now is I don't know how to echo out the php variables in using the JavaScript. So once the the admin set 15 mins and a student click the quiz the 15 mins timer will start to count down and when it reaches 0 it will says "Time is up! End of quiz. Answers have been submitted successfully."

Please help! ):

Community
  • 1
  • 1
user1079889
  • 39
  • 1
  • http://stackoverflow.com/questions/4287357/access-php-variable-in-javascript – Bryan Dec 04 '11 at 08:57
  • Using this method is prone to exploits. If the server side only sets the maximum time, but does not perform the counting, the user could do anything with the javascript: turn it off, or alter the source and create a fake version of the quiz where he can control the time (and maybe other variables) at will. – vsz Dec 04 '11 at 09:04
  • What's with the downvotes? I think this is an absolutely valid question. – nico Dec 04 '11 at 09:14
  • 1
    @nico: People fail to see that an honest question posted by a beginner is a valid question, and they downvote because it has some mistakes or inaccuracies in terminology. :( – vsz Dec 04 '11 at 09:21

2 Answers2

2

What you always need to remember is that anything that happens on the client is exploitable. If you rely on Javascript to update the time counter then you are also giving a lot of trust to the users, in that they won't mess around with it.

The best thing to do is handling the timer with JS for graphical purposes and let the server check the actual time.

There are several ways to do that, one that comes to mind is:

  1. The student starts the quiz, you will dynamically generate the JS code by using an echo statement, either directly e.g.:

    echo "<script type='text/javascript'>var maxtime=".$maxtime."; ... </script>";

    or (better) as the other answer says generate an hidden field that you can then read from JS.

  2. The PHP code will also store the max finishing time (i.e. current time + 15 min or whatever the allotted time is) in a session variable.

  3. You will have a JS counter that goes down to 0. When it reaches 0 it will automatically submit the page, or ask the user to do so etc.

  4. When submitting the answers (either because the time ran out OR because the user finished in time and submitted the answers himself) the PHP will check that the current time is not greater than the max time stored in the session var.
    This will allow you to check that the user did not cheat.

This is not the only option, you could, for instance, save the starting time (or the max finishing time) in a DB, it really depends how you are coding the page.

nico
  • 50,859
  • 17
  • 87
  • 112
  • Timer:
    – user1079889 Dec 05 '11 at 06:22
0

you just have to echo the timer in a hidden input or div like : 

<div id="time">timer : <?php echo $time; ?></div>

and then get this value with for example jquery : 

var time = $.('#time').html(); //extract the timer: string path from this one

and you can use the variable anyway you want.

LostMohican
  • 3,082
  • 7
  • 29
  • 38
  • 4
    Why mess around with hidden divs and not just pass the value to the variable directly with `var time = ;` ? – JJJ Dec 04 '11 at 08:57
  • 1
    And mentioning jQuery is only going to complicate things more... – Bryan Dec 04 '11 at 09:02
  • @Juhana: Because that allows you to have the JS in a .js file, separated from the PHP. Much better. – nico Dec 04 '11 at 09:11
  • There's nothing wrong with initializing JS variables in the HTML file. What this solution does is that it initializes a variable using a hidden HTML element, which is both ugly and unnecessarily complicated. – JJJ Dec 04 '11 at 09:19
  • @Juhana: it makes it much more maintainable. Initialising a variable in the php file means that in a month's time he's going to look at his JS file and he will lose an hour trying to understand where that damn timer variable is initialised... – nico Dec 04 '11 at 13:14
  • 1
    @Bryan you are welcomed to use document.getElementByid ... – LostMohican Dec 04 '11 at 13:21