attn: php and/or javascript gurus

Discussion in 'Web Design and Development' started by brianellisrules, Feb 13, 2006.

  1. brianellisrules macrumors regular

    Oct 17, 2003
    OK, I won't post my code right away but instead I'll start with a scenario and a question.

    Let's say I have a standard link on my page:
    <a href="">link</a>
    Here's what I'd like to happen... the user clicks on the link. They're prompted with a dialog box. They fill out the info (one word) and then the page that loads checks that word against a stored value.

    My initial thought was that the new page would have a javascript in it that would pop up a prompt box for the user. The user inputs the word and the page checks that against the stored value.

    I tinkered with that for a while, but I'm pretty sure I'm running into an issue of client-size (javascript) and server-side (php). The purpose of the javascript is to get the variable from the user and the php is to check the variable and process the rest of the page (php/mysql interaction, etc). The problem arises because the javascript is getting the variable after the php has already executed (therefore returning a false value all the time).

    (side note: I found some code online to transfer a variable from javascript to php and that part works.)

    Is it possible to reload the page with a specific URL? Perhaps the user inputs the variable in the javascript popup, then the page reloads with the variable in the link, so the php can now process it. Something like: (with ?foo=variable added via the script?)

    Man, this is confusing as crap. If anyone can make any sense out of this, I'll be amazed.
  2. superbovine macrumors 68030


    Nov 7, 2003
    asking google for "passing php variables to javascript". there is a lot examples on this.

    the basic idea is you can generate the javascript with php therefore you can set variables upon generation of the code.
  3. angelneo macrumors 68000

    Jun 13, 2004
    You can have the prompt box at the page where your link is, after processing, your javascript will open the new link. Something like this:

    <script language="Javascript">
    function prompt_box () {
        var yourname= prompt('Please enter your name', ' ');
        document.location.href = ""+yourname;
    <a href="javascript:prompt_box()">link</a>
    Although I wouldn't recommend this way as I find it quite intrusive with any pop up dialog. Why not use a text field instead?
  4. brianellisrules thread starter macrumors regular

    Oct 17, 2003
    Thanks for the replies!

    superbovine: I never thought about keeping it in javascript, but after I read your response I though, "duh!" Thanks :)

    angelneo: That's it, thanks! I basically want to keep people out of a certain page/area. I realize it's probably vulnerable as heck, but it should get the job done.
  5. OutThere macrumors 603


    Dec 19, 2002
    If you want to keep people out of a certain area, a quite secure and really easy to set up system is using .htaccess files. Almost all paid hosting services offer them, and they're really easy to set up if you have your own server. What kind of hosting do you have?

    Much simpler than bungling around with php/javascript 'security' that doesn't really do anything to secure the page anyway.:)
  6. brianellisrules thread starter macrumors regular

    Oct 17, 2003
    Here's the page I'm working with:

    The idea is to make the update section available only to me so I have a convenient way of updating the database. Right now I'm loading the index page and using an include statement to to call the other pages.

    If there's a better way to go about it, I'm all ears.

  7. frankblundt macrumors 65816


    Sep 19, 2005
    South of the border
    you can set up basic authentication on each page with a "require" using something like this:
    //authenticate user
    $username = "you";
    $password = "your password";
    if (!isset($_SERVER['PHP_AUTH_USER'])) {
    	header('WWW-Authenticate: Basic realm=""');
    	header('HTTP/1.0 401 Unauthorized');
    	echo 'You need to be authenticated to use this page';
    } else {
    	if (($_SERVER['PHP_AUTH_USER'] == $username) && ($_SERVER['PHP_AUTH_PW'] == $password)) 
    	} else {
    	header('WWW-Authenticate: Basic realm=""');
    	header('HTTP/1.0 401 Unauthorized');
    		echo "The username and/or password you have entered is incorrect!";
    although including the password in your webserver docs is not that great an idea.

    If you don't have access to the Server's admin you can use htaccess but it's a bit clumsy (as they explain)
    or if you do (for Apache at least) you can use server authentication

Share This Page