Is it possible to read a session value with Javascript?
For example, if I assigned a value into a session in PHP:
$_SESSION['msg'] = "ABC Message";
Is it possible to read $_SESSION['msg'] with Javascript?
views:
2994answers:
3
+4
A:
$_SESSION is a server-side construct. You would need to store that variable in $_COOKIE to be able to access it client-side.
Will Green
2009-04-16 04:36:41
Why is this being voted up? harto's solution proves it untrue.
da5id
2009-04-16 22:46:34
Because the first part of the answer is quite correct.
Kalium
2009-04-16 22:47:44
Yes agreed, but it doesn't answer the question and is in fact presenting misleading information.
da5id
2009-04-16 23:28:12
How is this misleading? You cannot read a session variable with javascript. You either have to stuff the value into a cookie, which javascript could access, or have it rendered out to the page itself. That is not very secure.
Will Green
2009-04-17 03:19:28
+1
A:
.. Or you can use ajax to retrive your server side session value into you client-side javascript.` (quick, dirty and untested example, using jQuery)
Javascript Side:
$.ajax({
url: "test.php",
cache: false,
success: function(html){
eval( html ); /// UGLY NASTY YOU MUST VALIDATE YOUR INPUTS... JUST AN EXAMPLE
}
});
PHP side test.php:
echo 'var myData = "'. $_SESSION['msg'].'"';
Luis Melgratti
2009-04-16 05:21:51
+2
A:
A very simple way is to generate the JavaScript with some PHP code:
<script type="text/javascript">
<?php echo 'var msg = "'.json_encode($_SESSION['msg']).'";';
</script>
harto
2009-04-16 05:57:07
If $_SESSION['msg'] stores sensitive information, outputting to an unencrypted page is a security risk, and HTTPS should be used.
Jeff Ober
2009-04-16 12:16:41