-1

Is it possible with Javascript to dynamically generate php code and run it without reloading?

node ninja
  • 31,796
  • 59
  • 166
  • 254
  • 1
    javascript is a client language, php a server language... i think the answer is no... why you want this? – silly Mar 09 '12 at 09:36
  • Yes, but **don't do it**. It would be horribly, horribly unsecure. If you described a bit what you want to accomplish, I'm sure that there's another way of getting to it. – JJJ Mar 09 '12 at 09:37
  • 1
    Why the heck would you want to do that?? – Phil Rykoff Mar 09 '12 at 09:37
  • Because I have some PHP which does something, but I want to use Javascript to be able to dynamically set some things in the PHP. – node ninja Mar 09 '12 at 09:38
  • Possible duplicate of http://stackoverflow.com/questions/7126039/display-php-using-javascript – Julian D. Mar 09 '12 at 09:39
  • 1
    You should just send the parameters that set the "things", not the entire PHP code itself. – JJJ Mar 09 '12 at 09:39
  • 1
    You can hand over parameters (post and/or get, e.g. an articleId) to the PHP script via the Ajax call. The PHP script could analyze these and respond accordingly (e.g. respond with the corresponding article). This is common practice. – Phil Rykoff Mar 09 '12 at 09:39
  • What are you actually trying to achieve? Whatever it is, I suspect you're doing it wrong. – TRiG May 07 '12 at 18:49

3 Answers3

2

Well, technically, you could use ajax to send the code to backend that would then save it and another ajax call to run it but that would be a tremendous security hole, i.e. DONT DO IT

scibuff
  • 13,377
  • 2
  • 27
  • 30
2

You have to understand something, Javascript is Client-Side language, and PHP is Server-Side, hence you can't use Javascript to "generate" PHP code.

What you can do is send data through a request via POST or GET using AJAX to a PHP file, which will do something with that data and then return a response without reloading the page.

davidaam
  • 443
  • 1
  • 8
  • 17
  • actually as scibuff said you can, you could send the php code via AJAX to a php file which will receive the php code as a string and then save it, but as Juhana said, it would be a TREMENDOUS security hole, as anyone with access to that form to create and run php code on your server would have entire access to it – davidaam Mar 09 '12 at 09:41
0

Yes you can do it but it is pointless and dangerous. You can "generate" php code for some purposes /eg automated php script modification/ but you should never allow server side to directly execute unescaped input.

Looking at your question I suppose you dont clearly make the difference between Client and Server sides scripting. So make sure you realize it!

I suggest you think again and find better solution to your problem /or ask if you cant/.

Some further information : XSS

Boris D. Teoharov
  • 2,319
  • 4
  • 30
  • 49