tags:

views:

168

answers:

3
+1  Q: 

How to use Ajax to inject specific PHP function using URL, or other method?

Hey all,

I'm moving from the realm of just JS to php and Ajax. I've dabbled some with PHP in the past. I really appreciate how much help stackoverflow has been in helping me with basic questions.

let says I have a div called #divName.

I use the following JS for Ajax. Some of this is just pseudo code.

var request = false;
   try {
     request = new XMLHttpRequest();
   } catch (trymicrosoft) {
     try {
       request = new ActiveXObject("Msxml2.XMLHTTP");
     } catch (othermicrosoft) {
       try {
         request = new ActiveXObject("Microsoft.XMLHTTP");
       } catch (failed) {
         request = false;
       }  
     }
   }

   if (!request)
     alert("Error initializing XMLHttpRequest!");

   function getAjaxInfo(<name of the php function???>) { //<<<<< this is the function I need help with
    var myFunction= nameOfPHPfunctionIJustGot;
     var url = "filename.php?func=" + myFunction;
     request.open("GET", url, true);
     request.onreadystatechange = updatePage;
     request.send(null);
   }

  function updatePage() {
     if (request.readyState == 4) {
       if (request.status == 200) {
         var response = request.responseText;
             document.getElementById("divName").innerHTML = response; //probably going to use Jquery append here, but this example works.
               } else
         alert("status is " + request.status);
     }
   }

The I have my fileName.php file:

<?php

function header() { ?>
   header content goes here
<?php }

function footer() { ?>
    footer content goes here
<?php }

?>

My goal is that when I execute getAjaxInfo(), I can pull whatever PHP function I want.

So lets say if I do a onClick="getAjaxInfo(header)" it will get the php header function, apply it to a javascript function, and then apply that to a div.

Any help would be appreciated!

+2  A: 

Try with:

$func=$_GET['func'];
if(function_exists($func)) $func();

In this way you get the function name passed by GET and the execute it.

If you want to be able to call only certain functions:

$allowedFunctions=array("header","footer");
$func=$_GET['func'];
if(in_array($func,$allowedFunctions) && function_exists($func)) $func();
mck89  2010-01-22 15:51:04
But in you probably want to use some sort of whiteliste instead of allowing calls to arbitrary functions (even if you limit it to parameter-less functions)
VolkerK  2010-01-22 15:53:02
Grr... I was just in the middle of writing that exact code. Ya beat me to it. :) Also, as long as you have jquery around, I'd strongly recommend using it's ajax functions, rather than rolling your own.
sprugman  2010-01-22 15:53:26
ha! I didn't even think to check if jquery had ajax functions...drr
Jared  2010-01-22 15:56:02
Just a note - remember I'm a major noob. I understand code when it's put before me, but I have no idea how to plug that into the code I provided.
Jared  2010-01-22 15:57:07
Write that code when you want to call the function. Put it at the end of the file and it will work.
mck89  2010-01-22 16:00:19
That code protects it from just any function executing and allows me to pass it through the URL, but I still don't know how to setup the JS? How do I pass `getAjaxInfo(funcName)` to var `myFunction` ?
Jared  2010-01-22 17:26:36
If you are asking me how to pass the desidered function name to myFunction do it in this way:function getAjaxInfo(myFunction) { var url = "filename.php?func=" + myFunction; request.open("GET", url, true); request.onreadystatechange = updatePage; request.send(null); }
mck89  2010-01-24 11:23:06
+2  A: 

Picking up on @VolkerK's suggestion, and adding a failure function:

$func = $_GET['func'];
$allowed = array('header', 'footer');
if (in_array($func, $allowed) && function_exists($func)) $func();
else default_action();
sprugman  2010-01-22 15:56:35
thank you for the additional functionality :)
Jared  2010-01-22 17:10:03
+2  A:  
<?php

$allowedFunctions = array(
   'header',
   'footer'
);

$functionName = $_GET[ 'func' ];

if( in_array( $functionName, $allowedFunctions ) && function_exists( $functionName ) )
{
    $functionName();
}

/* your function definitions */
?>

$allowedFunctions is a whitelist array of user defined (i.o.w. your) php functions that you want the ajax call to allow to execute. If you don't keep this whitelist, your script will be potentially dangerous, since it would allow anyone to execute an arbitrary function. That is something you definately do not want.

fireeyedboy  2010-01-22 15:57:23

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases