How do you read php session in HTML using javascript? -


Firstly, I am developing a mobile application using PhoneGrap / Cordova so that's why I know this route I'm looking for

I am thinking that it is possible to get the position of session from javascript in php because i am just trying to protect users to my whole application.

I have PHP;

  & lt ;? Php $ dbhost = ''; $ Dbuser = ''; $ Dbpass = ''; $ Db = ''; $ Tbl_name = ""; $ Conn = mysql_connect ($ dbhost, $ dbuser, $ dbpass); Mysql_select_db ($ Database); $ Myusername = $ _ post ['myusername']; $ Mypassword = $ _ post ['mypassword']; $ Encrypt_password = md5 ($ mypassword); $ Myusername = strip slash ($ myusername); $ Mypassword = StripSlask ($ encrypt_password); $ Myusername = mysql_real_escape_string ($ myusername); $ Mypassword = mysql_real_escape_string ($ encrypt_password); $ Sql ​​= "SELECT * FROM $ tbl_name WHERE user name = '$ myusername' and password = '$ mypassword'"; $ Result = mysql_query ($ SQL); $ = Mysql_num_rows ($ result) count; If ($ count == 1) {session_register ("myusername"); Session_register ("mypassword"); Session_start (); $ _SESSION ["login"] = "yes"; Header ("location: login_success.html"); $ _SESSION ['Data'] echo; } And {session_start (); $ _SESSION ["login"] = "no"; $ _SESSION ['Data'] echo; }? & Gt;  

and the HTML file contains the following javascript

   

I think I'm close, only every time I try to see any of my html pages, they send me back to the index.

Any help will be very good. Thank you

Yes, it seems that you are close

Em> any , you should keep this in mind:

  • It is the responsibility of the browser to determine whether a user is authorized and a page Accessible;
  • If a reserved page is accessed with insufficient athorization (not logged in) then the server should redirect;
  • $ .get ('checklogin.php', function (data) { should not be done at all, it must be server-side (in PHP);
  • The password is divided into pieces (encrypted).
  • No) with MD5 which may be adequate for your site, but usually use salt and strong hash (at least);
  • Not only results Examine it, but actually get some information from DB and use it to prove it.

Something like this:

  Select username where ...  

And this:

  $ a certified = strcasecmp ($ user name, $ result_username) === 0; < / Code> 

To solve your problem now, you have to present at least one variable in PHP which tells the JavaScript code to redirect. . Something like that.

in HTML / PHP:

  & lt; Script & gt; If (& lt;? Php Echo ($ authenticated? 'True': 'wrong');? & Gt; {alert ("good boy!"); } And {alerts ("Bad trady is bad!"); } & Lt; / Script & gt;  

Build this HTML result:

  & lt; Script & gt; If (true) {warnings ("good boy!"); } And {alerts ("Bad trady is bad!"); } & Lt; / Script & gt;  

This is enough to disable Javascript and the page will not react to this code at all and will display the contents without interruption.

Link:


Comments