I need to erase a certain session variable from a javascript function how can i do this?
I don't think this is possible. Sessions live on the server (not strictly true I know, but for the purposes of this answer, it's true enough).
I would write a script (PHP or somesuch) that unsets the session variable and fire off an ajax call to it.
You would need to use an Ajax call to the server to access/delete the session variable as sessions are controlled/handled only on the server side, not the client side.
Related
To my amusement, I understand that one can call session functions in CLI. The way I understand it sessions make sense when the script is running in a response to an HTTP request (e.g. inside a WebServer). Insights ?
You probably want to access a session storage via CLI, and the easiest way is to set the session id, start the session and read from $_SESSION, instead of adding a lot of own code to fetch and parse the serialized data. You won't get the session id via cookie, POST or GET data, though. You have to pass it somehow. Also, you won't benefit from a created cookie when the session is started on CLI.
I have a php function that's run when a build.php page is loaded and creates a $variable. I have save.php also, which is called via an ajax function in scripts.js (taking data sent through POST), but I need to use $variable in save.php.
Is there a good way to send further data through ajax without it being visible on the front end?
I thought of using a $_SESSION variable for this, which seems like it would work, but I understand it may not be totally reliable and is not always a good idea (though this might have been overstated where I was looking).
Is that the best way? Or is there some other way to get a PHP variable to another one via javascript without it being in the front end code?
Session variables exist only on the server, not on the client. For you to save a session variable that was originated by your javascript function in the browser you will need to pass it to the server somehow. And as you probably realize you don't have much control on what happens on the client side. They can pretty much change any post information you send over to the server - there are some programs that do that fairly easily.
Even if you use ajax, the client can still mess with your variables.
You could try to encrypt the information before sending it.
If in the other hand you want to pass variables between two scripts running on the server you can definitively do that using session variables.
Update
It seems that you are creating the variable in your first script and then there is a javascript function that calls the second script and you need the second script to access the variable created by the first script.
In the above scenario you can definitively use session variables. This is the main reason they exist. To allow you to pass information among different scripts.
First PHP script
session_start();
logic to create the variable
$_SESSION['myVar'] = $myVar;
rest of the script
Javascript
calls second script / does not change the value of the variable
Second PHP script
session_start();
$myVar = $_SESSION['myVar'];
execute second script
I hope this makes sense.
if you were using JQuery, it's as easy as:
$.post({
url: somurlhere,
data: somedatahere
});
the question is really simple, but i searched it many different ways and the results were not related to my question.
so if i have a session variable in a php file if i open an html page after that and then a php file again, will i be able to retrieve the data ? or do they all have to be adjacent?
I tried php->html->php but i couldn't get the variables on the other side. maybe Im doing something wrong.
Thanks in advance
Not 100% sure what you mean, but if by "open" you mean in the browser, the calls do not need to be adjacent. You just need to do a session_start() in every PHP script in which you want to use session data.
Adjacency is not something that is really relevant for this question.
in PHP way of things, sessions are essentially files that contain serialized data on the server. The browser that called a script containing session_start() call receives a special token that identifies the session on the server, and it is normally (though not necessarily) stored as a cookie.
This effectively means that any php script that uses session_start() and receives a session id (via cookie or otherwise) will read and could use session data, unless it was removed from the server file system between the calls, or the session has expired (frankly, I'm not sure whether PHP removes the expired sessions on the server side).
Accessing anything outside of this model with the browser (html page, or even other sites) will not affect it in any way, unless these actions change or remove session id.
yes...session variable can survive php->html->php.
But on every php page ...very first line should be session_start()
This easy way (I guess): Set a cookie storing the session ID on the first php page. This way, every other php page can access the session ID and use it to restore the stored data, not matter how many (even foreign) pages were in between.
I'd like to inspect the session variable. Best case something that works in the firebugs little interpreter, but if I have to put it in the file thats fine. Right now I just made a short PHP to output $_SESSION, but if I could find something analogous to be done right in the browser that would be ideal. document.cookie doesn't seem to do what im looking for, at least not that i see.
Basically looking for something analogous to $_SESSION that I can use in javascript
EDIT - was trying to see if i could get anything more than, or extract the meaning PHPSESSID=o147cf52u9d7qr251hc3n6ilu2; ASESSIONID=101wvpe-3FA77F204CFF55BA61E696AD3F62F0F8 on the client-side. As it stands I guess i can just write a small ajax function to a url that echos the session. Thanks for the help!
PS - Do those document.cookie values have anything to do with whats inside the session, or are they just identifiers to tell one session from another?
Session data is stored on the server. It isn't accessible to client-side JavaScript unless you manually expose it (e.g. by writing a PHP program that dumps it to JSON and delivers it over HTTP).
The browser just gets a cookie containing a token that identifiers which packet of session data the server side programs should open for a given client.
Just look at what cookies are set in your browser: Firefox,
Chrome, etc.
Edit: oooh, after re-reading your question, you want to ACCESS the session data.
That's not possible via JavaScript for very good reason. XSS would be a breeze. Besides, the data is stored on the server, which JS has no access to (thankfully).
It's not possible to do what you're asking.
I am using FirePHP to debug variables from my Ajax calls, maybe it is what you are looking for?
You can't access PHP sessions within JavaScript directly. You could however make an Ajax call to a PHP script which will return the PHP sessions. This is your best option.
Is there any way to read Session value through JQuery?
Edited:
I am calling a .php file using JQuery. The .php file stores some column values in a session.
What would be the right approach to return those column values to the calling JQuery function?
In PHP, something like (from memory as I've not PHP'd for some time...)
<input type="hidden" id="SessionValue" value="<?php echo $MySessionValue ?>">
Then in jQuery
$("#SessionValue").val();
Sure you can set up a service which serves the Session values in JSON, and then use $.getJSON. But to read it directly is impossible.
Session values are stored on the server, JQuery is a client-side library that runs in the browser. Unless you send the session value down to the client, JQuery won't be able to read it.
I assume that you're referring to a server-side session in ASP.Net or PHP.
Not directly.
However, you could make an AJAX call to server-side code that returns something from the session.
If you do, beware of information disclosure.
Session values can only be read on server-side. Still if you are really hard-bent on what you want to do, you can write a Ajax enabled web-method in your code-behind that responds with session value for the given key as argument. You can call this webmethod from JQuery and retrieve the session value!
The ways sessions are associated with a client is by using cookies. That's where maybe the confusion takes place.
But the session data themselves are stored on the server.
Your backend need to send your session values somehow to your page for jQuery to pick it up.