I am trying to build a simple web page where a user is prompt to click on an image as many times as desired. Eventually, after user is done s/he should click a link saying "I'm done" that should trigger the server to write to disk a sting (let's say: "I clicked x times", which I can manage to get).
I tried:
<a onclick="WriteNGo()" href="next_index.html">I am Done</a>
and of course:
function WriteNGo() {
$.ajax({
type: "POST",
url: 'php/save.php',
data: {writeMe: textToWrite}
});
}
where textToWrite is a global variable that contains the string. I can
alert(textToWrite)
it and get the required sentence.
and added php/save.php at the correct location:
<?php
$data = $_POST['writeMe'];
$f = "../d/data.txt";
file_put_contents($f,$data,FILE_APPEND);
?>
and did a
sudo chmod +777 d
on the folder.
I only want to end up with a text file containing my string, (i.e. "I clicked x times"). I am not even sure that the POST command triggers the PHP server.
One more thing: the index.html is in the root dir, where I am currently running:
php -S localhost:8000
So that there should have not been any problems.
I should also state that there was one time that the string was written, though I can't reproduce this it.
Not sure if this might address your problem. Maybe, try something like this to see, where your data might be written:
<?php
$data = $_POST['writeMe'];
$path = "../d";
$dir = $path . "/";
if (!is_dir($dir)) {mkdir($dir, 0755, true);}
// A faster alternative to file_put_content
$f = $dir . "/data.txt";
$fp = fopen($f, "x+");
fwrite($fp, $data);
fclose($fp);
?>
Related
My website allows users to input and upload 2 things:
Their name - which they type into a textfield in an HTML form
And a photo - which they upload from their computer also using this same form.
Upon hitting "submit" my Javascript code calls a PHP script sitting on my server, that PHP script takes that data and writes it into a JSON file, puts that file in the right folder, also puts the image where it needs to go - and it all works perfectly thus far.
However, it just dawned on me that anyone reading my Javascript code can find the URL of my PHP script - which means they can then copy-paste that URL directly into the browser - and wreak all sorts of havoc.
Obviously I need to go about all this in a different way.
Should I just not use PHP for this? If so, what other languages or platforms are available for me to do what I just described - in a way that's impossible to hack?
Or is there a way to obfuscate the URL of my PHP script so that no one can copy-paste it into the browser address bar?
Any advice would be greatly appreciated!
================================
UPDATE:
Here’s my PHP script:
<?php
$tokenID = $_POST["tokenIDNum"];
$fileName = "TokenMetadata/token". $tokenID .".json";
$userName = $_POST["userName"];
$imageURL = $_POST["userImageURL"];
// Log out for verification:
echo "Here's what I got so far:<br/>";
echo "tokenID: " .$tokenID ."<br/>";
echo "userName: " .$userName ."<br/>";
echo "imageURL: " .$imageURL ."<br/>";
// CREATE AND SAVE THE NEW METADATA-FILE:
$newMetadataFile = fopen($fileName, "wb");
if( $newMetadataFile == false ) {
// Do debugging or logging here:
echo "OPPS! We got an 'fopen' problem!";
}
else {
$contentString = "{\r\n";
$contentString = $contentString. ' "name" : “Fun Token # ' . $tokenID . '",';
$contentString = $contentString. "\r\n";
$contentString = $contentString. ' "description" : "Another token from our FUN Collection.",';
$contentString = $contentString. "\r\n";
$contentString = $contentString. ' "image" : "' .$imageURL;
$contentString = $contentString. "\r\n}";
fwrite($newMetadataFile, $contentString);
fclose($newMetadataFile);
}
// or die("Unable to open file!");
// $myfile = fopen("token.json", "w") or die("Unable to open file!");
?>
When I copy-paste the URL for this script into my browser - which is what I worry some bad actor might do - it creates a new EMPTY JSON file - and that's without me passing any arguments into that URL. So I'm pretty sure right now someone could not only create new phoney JSON files in this manner, but also rewrite existing ones with false data if they were to pass values for my arguments.
What I need to know is if it's even possible to prevent bad actors from doing this - or if I have to go about this in some totally different way?
My understanding is that if I add SESSION and perhaps CAPTCH I might be ok? (Obviously, I'm no PHP expert.)
Would love any thoughts/suggestions regarding that - before I spend hours going down that rabbit hole.
I have a problem with php include section. In order to fully explain the problem, I created a test page for you.
First I want to show the schema of the files to you. Also you can download the test files from this LINK and you can test it online TEST LINK
As you can see, there is a subfolder in the htdocs (root) file and all php files in there. Now I'll show you the php code within the file, respectively.
appname/index.php
<?php include_once 'includes/config.php';?>
<div class="callPage">Click Here</div>
<div id="testBox"></div>
<script type="text/javascript">
$(document).ready(function(){
var siteurl = '<?php echo $url;?>';
$("body").on("click",".callPage", function(){
$.ajax({
url: siteurl+'content/test',
beforeSend: function() {
//Do something
},
complete:function(){
//Do something
},
success:function(response){
$("#testBox").html(response);
}
});
});
function LoadPage(){
$.get(siteurl+'content/test', function(data) {
$('#testBox').html(data);
});
}
LoadPage();
});
</script>
appname/content/test.php
<?php
include_once 'includes/config.php';
echo $text.'</br>';
echo $worked.'</br>';
?>
appname/includes/config.php
<?php
$url = 'http://localhost:8888/';
$text = 'Well Come! How are you today ?';
$worked = 'It is working :)';
?>
When you open the TEST LINK, LoadPage(); javascript function will call test.php in the content file and display it in #testBox. First you will not see anything in #testBox from index.php . Because config.php can not be included from test.php .
I know if I change this line include_once 'includes/config.php'; from test.php like this include_once '/appname/includes/config.php'; then problem will be fix.
But if the pages multiply and, I want to use the files in the root (htdocs or www) folder, I need to delete appname (subfolder name) => include_once 'appname/includes/config.php'; from all files. It will be a big problem when these files multiply.
Actually the question is exactly:
How can we include php files without specifying the full path to the include, when the application's path relative to the DOCUMENT_ROOT is variable or unknown and include_path cannot be reliably modified by all application users?
This is sometimes a problem with includes when you're not using the absolute path on the system.
Explanation
Depending on how PHP is running could affect the way include&require work, if PHP is running from inside the appname directory it will work fine if php is told it's running inside the appname directory via a connector it's fine. however, if PHP is run for example www-data#/usr/bin/# php /var/www/somesite.com/htdocs/appname/index.php the path can be broken.
Fix
if you use define("FS_ROOT", realpath(dirname(__FILE__))); as the first thing other than if ther is a namespace inside index.php you can then use include FS_ROOT."/includes/config.php"; this means file paths are used from the root of the system so it gets evaluated to include "/var/www/somesite.com/htdocs/appname/index.php"
Why this differs
This differs from ROOT_PATH as ROOT_PATH is sometimes set by PHP configuration by web hosts and this could be the problem. as the PHP execution path could be wrong casing the PHP host application to look in the wrong place for includes and requries.
This also means no include or require should ever be using ../ as you should know the path from your codebase.
your appname/index.php
<?php define("FS_ROOT", realpath(dirname(__FILE__)));
include_once FS_ROOT.'includes/config.php';?>
<div class="callPage">Click Here</div>
<div id="testBox"></div>
<script type="text/javascript">
$(document).ready(function(){
var siteurl = '<?php echo $url;?>';
$("body").on("click",".callPage", function(){
$.ajax({
url: siteurl+'content/test',
beforeSend: function() {
//Do something
},
complete:function(){
//Do something
},
success:function(response){
$("#testBox").html(response);
}
});
});
function LoadPage(){
$.get(siteurl+'content/test', function(data) {
$('#testBox').html(data);
});
}
LoadPage();
});
</script>
your appname/content/test.php
<?php
# as this file is loaded directly and is not in the root directory
# we apend the dirname result with ../ so realpath can resolve the root directory for this site
define("FS_ROOT", realpath(dirname(__FILE__)."../"));
include_once FS_ROOT.'includes/config.php';
echo $text.'</br>';
echo $worked.'</br>';
?>
Ideally, you should go through a bootstrap and .htaccess so you don't have to change redefine the FS_ROOT in every file loaded.
you can do this by making sure mod_rewrite is enabled in apache
create file .htaccess in appname folder
RewriteCond %{REQUEST_URI} \.(php)$
RewriteRule .* bootstap.php [L]
create bootstrap.php
define("FS_ROOT", realpath(dirname(__FILE__)));
include_once FS_ROOT.'includes/config.php';
if(file_exists(FS_ROOT.$_SERVER['REQUEST_URI']){
include(FS_ROOT.$_SERVER['REQUEST_URI']);
}else{
// 404
}
this means you don't require the include for the config as it's automaticly included before the script for that request is wanted this is just a base outline and is not secure (and could be easily exploited to reveal system files contents) I would highly recommend reading up on how to use MVC's and how they work it will give you a better understanding of loading files on demand and requiring files.
If the document file paths need to be dynamic you need to use a database. From what I understand you are planning to make the project bigger, and so you need a normalized database to minimize the amount of code written on the server and to keep your data consistent.
You need:
a parent table for filePaths
a parent table for fileNames
a parent table for akas <== This is because files may have same name in different folders
a parent table for folders
a mapping table to solve the akas-fileNames-filePaths-folders relationships.
I will show on an example from MySQLi.
With this code you create the tables in MySQL console or phpmyadmin:
// Create parent tables
create table `fileNames`
(
`fileName` VARCHAR(70) NOT NULL,
`description` VARCHAR(250) NULL,
PRIMARY KEY(`fileName`)
) ENGINE=InnoDB;
create table `fileAkas`
(
`aka` VARCHAR(100) NOT NULL,
`description` VARCHAR(250) NULL,
PRIMARY KEY(`aka`)
) ENGINE=InnoDB;
create table `filePaths`
(
`filePath` VARCHAR(250) NOT NULL,
`description` VARCHAR(250) NULL,
PRIMARY KEY(`filePath`)
) ENGINE=InnoDB;
create table `folderNames`
(
`folderName` VARCHAR(250) NOT NULL,
`description` VARCHAR(250) NULL,
PRIMARY KEY(`folderName`)
) ENGINE=InnoDB;
// Create mapping table
create table `fileNames_x_fileAkas_x_filePaths_x_folderNames`
(
`aka` VARCHAR(100) NOT NULL,
`fileName` VARCHAR(70) NOT NULL,
`filePath` VARCHAR(250) NOT NULL,
`folderName` VARCHAR(250) NOT NULL,
PRIMARY KEY (`aka`, `fileName`, `filePath`, `folderName`),
FOREIGN KEY (`aka`) REFERENCES `fileAkas` (`aka`) ON UPDATE CASCADE,
FOREIGN KEY (`fileName`) REFERENCES `fileNames` (`fileName`) ON UPDATE CASCADE,
FOREIGN KEY (`filePath`) REFERENCES `filePaths` (`filePath`) ON UPDATE CASCADE,
FOREIGN KEY (`folderName`) REFERENCES `folderNames` (`folderName`) ON UPDATE CASCADE
) ENGINE=InnoDB;
While this piece of code is only to make sure you are not making MyISAM tables because MyISAM doesn't have relationship constraints:
ENGINE=InnoDB
Now make a PHP program to easily add/change the data. Use this as a separate program and upload it to the server only when you need it:
<?php
// Database connection
$con = mysqli_connect("localhost","my_user","my_password","my_db");
// Function helper
function testIfAddedAndInsert($colName, $tableName, $value, $con)
{
$result = mysqli_query($con, "SELECT ".$colName." FROM ".$tableName." WHERE ".$colName."='".$value."'");
if(mysqli_num_rows($result) == 0)
mysqli_query($con, "INSERT INTO ".$tableName." (".$colName.") VALUES ('".$value."')");
}
// Call this to add new file
function addNewFile($name, $aka, $path, $folderName, $con)
{
testIfAddedAndInsert('fileName', 'fileNames', $name, $con);
testIfAddedAndInsert('fileAka', 'fileAkas', $aka, $con);
testIfAddedAndInsert('filePath', 'filePaths', $path, $con);
testIfAddedAndInsert('folderName', 'folderNames', $folderName, $con);
}
// Call this to change a file path
function changeFilePath($aka, $path, $con)
{
testIfAddedAndInsert('filePath', 'filePaths', $path, $con));
mysqli_query($con, "UPDATE `fileNames_x_fileAkas_x_filePaths_x_folderNames` SET `filePath`= '".$path."' WHERE `fileAka`='".$fileAka."' ");
}
// Call this to change all paths of all files that belong to a certain folder
function changeFolderPath($folderName, $path, $con)
{
testIfAddedAndInsert('folderPath', 'folderPaths', $folderPath, $con))
mysqli_query($con, "INSERT INTO `folderPaths` (`folderPath`) VALUES ('".$folderPath."')");
mysqli_query($con, "UPDATE `fileNames_x_fileAkas_x_filePaths_x_folderNames` SET `filePath`= '".$path."' WHERE `folderName`='".$folderName."' ");
}
// ...
// You can make as many different functions as you want
// To populate/change the database example:
addNewFile('config.php', 'conf_PHP_IndexPage', './../conf/', 'conf', $con);
// or change all the paths of the items in the folder (not counting subfolder items)
changeFolderPath('conf', './../../../', $con);
// You could use FOR loops with arrays to enter/change big chunks at a time
?>
Then, after populating your database with valid information, add this to every one of your main PHP files (the files that are including others):
<?php
// Database connection
$con = mysqli_connect("localhost","my_user","my_password","my_db");
// Function returns path of file from database
function returnPathToFile($fileAka, $con)
{
$result = mysqli_query($con, "SELECT fileName, filePath FROM fileNames_x_fileAkas_x_filePaths_x_folderNames WHERE fileAka='".$fileAka."'");
if(mysqli_num_rows($result) > 0)
{
$row = mysqli_fetch_array($result);
return $row[1].$row[0];
}
return '';
}
?>
And then just call the function to get the result:
<?php
$include = returnPathToFile('configFileForTheMainPage', $con);
include_once($include);
?>
If any changes occur to the file paths it is easy to change their values, while not having to ever even open the files ever again (for that purpose).
The ROOT_PATH definition is OK. You could include the path after the definition like:
include ROOT_PATH;
The Test.php is in content folder.
If you want to include config.php from includes folder, you must need to do it relatively, so you need to go one level upper.
include '../include/config.php';
This happening because you run the script standalone with ajax, and the folder structure is relative to the test.php.
I've done the research and most people seem to say there is no great way for this, but I'd like to ask again.
A 3rd party site is returning a value I need via Javascript. Meaning when I view the source of the page I see lots of JS but in the browser it shows me a simple string. When I use CURL I just get the raw JS.
The string I need is simply something like 4b71ec1a4cc2a95f9dfa1c023ecd74e6 The JS that generates this is about 50 lines long. Any way PHP can process this for me?
The source including the JS is:
<!doctype html><html><head></head><body><script>var _0x916d=["\x6C\x20\x42\x28\x78\x2C\x6B\x29\x7B\x70\x20\x61\x3D\x78\x5B\x30\x5D\x2C\x62\x3D\x78\x5B\x31\x5D\x2C\x63\x3D\x78\x5B\x32\x5D\x2C\x64\x3D\x78\x5B\x33\x5D\x3B\x61\x3D\x68\x28\x61\x2C\x62\x2C\x63\x2C\x64\x2C\x6B\x5B\x30\x5D\x2C\x37\x2C\x2D\x31\x77\x29\x3B\x64\x3D\x68\x28\x64\x2C\x61\x2C\x62\x2C\x63\x2C\x6B\x5B\x31\x5D\x2C\x31\x32\x2C\x2D\x31\x76\x29\x3B\x63\x3D\x68\x28\x63\x2C\x64\x2C\x61\x2C\x62\x2C\x6B\x5B\x32\x5D\x2C\x31\x37\x2C\x31\x78\x29\x3B\x62\x3D\x68\x28\x62\x2C\x63\x2C\x64\x2C\x61\x2C\x6B\x5B\x33\x5D\x2C\x32\x32\x2C\x2D\x31\x79\x29\x3B\x61\x3D\x68\x28\x61\x2C\x62\x2C\x63\x2C\x64\x2C\x6B\x5B\x34\x5D\x2C\x37\x2C\x2D\x31\x7A\x29\x3B\x64\x3D\x68\x28\x64\x2C\x61\x2C\x62\x2C\x63\x2C\x6B\x5B\x35\x5D\x2C\x31\x32\x2C\x31\x75\x29\x3B\x63\x3D\x68\x28\x63\x2C\x64\x2C\x61\x2C\x62\x2C\x6B\x5B\x36\x5D\x2C\x31\x37\x2C\x2D\x31\x74\x29\x3B\x62\x3D\x68\x28\x62\x2C\x63\x2C\x64\x2C\x61\x2C\x6B\x5B\x37\x5D\x2C\x32\x32\x2C\x2D\x31\x6F\x29\x3B\x61\x3D\x68\x28\x61\x2C\x62\x2C\x63\x2C\x64\x2C\x6B\x5B\x38\x5D\x2C\x37\x2C\x31\x6E\x29\x3B\x64\x3D\x68\x28\x64\x2C\x61\x2C\x62\x2C\x63\x2C\x6B\x5B\x39\x5D\x2C\x31\x32\x2C\x2D\x31\x70\x29\x3B\x63\x3D\x68\x28\x63\x2C\x64\x2C\x61\x2C\x62\x2C\x6B\x5B\x31\x30\x5D\x2C\x31\x37\x2C\x2D\x31\x71\x29\x3B\x62\x3D\x68\x28\x62\x2C\x63\x2C\x64\x2C\x61\x2C\x6B\x5B\x31\x31\x5D\x2C\x32\x32\x2C\x2D\x31\x73\x29\x3B\x61\x3D\x68\x28\x61\x2C\x62\x2C\x63\x2C\x64\x2C\x6B\x5B\x31\x32\x5D\x2C\x37\x2C\x31\x72\x29\x3B\x64\x3D\x68\x28\x64\x2C\x61\x2C\x62\x2C\x63\x2C\x6B\x5B\x31\x33\x5D\x2C\x31\x32\x2C\x2D\x31\x41\x29\x3B\x63\x3D\x68\x28\x63\x2C\x64\x2C\x61\x2C\x62\x2C\x6B\x5B\x31\x34\x5D\x2C\x31\x37\x2C\x2D\x31\x42\x29\x3B\x62\x3D\x68\x28\x62\x2C\x63\x2C\x64\x2C\x61\x2C\x6B\x5B\x31\x35\x5D\x2C\x32\x32\x2C\x31\x4C\x29\x3B\x61\x3D\x65\x28\x61\x2C\x62\x2C\x63\x2C\x64\x2C\x6B\x5B\x31\x5D\x2C\x35\x2C\x2D\x31\x4B\x29\x3B\x64\x3D\x65\x28\x64\x2C\x61\x2C\x62\x2C\x63\x2C\x6B\x5B\x36\x5D\x2C\x39\x2C\x2D\x31\x4D\x29\x3B\x63\x3D\x65\x28\x63\x2C\x64\x2C\x61\x2C\x62\x2C\x6B\x5B\x31\x31\x5D\x2C\x31\x34\x2C\x31\x4E\x29\x3B\x62\x3D\x65\x28\x62\x2C\x63\x2C\x64\x2C\x61\x2C\x6B\x5B\x30\x5D\x2C\x32\x30\x2C\x2D\x31\x4F\x29\x3B\x61\x3D\x65\x28\x61\x2C\x62\x2C\x63\x2C\x64\x2C\x6B\x5B\x35\x5D\x2C\x35\x2C\x2D\x31\x4A\x29\x3B\x64\x3D\x65\x28\x64\x2C\x61\x2C\x62\x2C\x63\x2C\x6B\x5B\x31\x30\x5D\x2C\x39\x2C\x31\x49\x29\x3B\x63\x3D\x65\x28\x63\x2C\x64\x2C\x61\x2C\x62\x2C\x6B\x5B\x31\x35\x5D\x2C\x31\x34\x2C\x2D\x31\x6D\x29\x3B\x62\x3D\x65\x28\x62\x2C\x63\x2C\x64\x2C\x61\x2C\x6B\x5B\x34\x5D\x2C\x32\x30\x2C\x2D\x31\x43\x29\x3B\x61\x3D\x65\x28\x61\x2C\x62\x2C\x63\x2C\x64\x2C\x6B\x5B\x39\x5D\x2C\x35\x2C\x31\x45\x29\x3B\x64\x3D\x65\x28\x64\x2C\x61\x2C\x62\x2C\x63\x2C\x6B\x5B\x31\x34\x5D\x2C\x39\x2C\x2D\x31\x46\x29\x3B\x63\x3D\x65\x28\x63\x2C\x64\x2C\x61\x2C\x62\x2C\x6B\x5B\x33\x5D\x2C\x31\x34\x2C\x2D\x31\x48\x29\x3B\x62\x3D\x65\x28\x62\x2C\x63\x2C\x64\x2C\x61\x2C\x6B\x5B\x38\x5D\x2C\x32\x30\x2C\x31\x47\x29\x3B\x61\x3D\x65\x28\x61\x2C\x62\x2C\x63\x2C\x64\x2C\x6B\x5B\x31\x33\x5D\x2C\x35\x2C\x2D\x31\x50\x29\x3B\x64\x3D\x65\x28\x64\x2C\x61\x2C\x62\x2C\x63\x2C\x6B\x5B\x32\x5D\x2C\x39\x2C\x2D\x31\x69\x29\x3B\x63\x3D\x65\x28\x63\x2C\x64\x2C\x61\x2C\x62\x2C\x6B\x5B\x37\x5D\x2C\x31\x34\x2C\x51\x29\x3B\x62\x3D\x65\x28\x62\x2C\x63\x2C\x64\x2C\x61\x2C\x6B\x5B\x31\x32\x5D\x2C\x32\x30\x2C\x2D\x52\x29\x3B\x61\x3D\x67\x28\x61\x2C\x62\x2C\x63\x2C\x64\x2C\x6B\x5B\x35\x5D\x2C\x34\x2C\x2D\x55\x29\x3B\x64\x3D\x67\x28\x64\x2C\x61\x2C\x62\x2C\x63\x2C\x6B\x5B\x38\x5D\x2C\x31\x31\x2C\x2D\x53\x29\x3B\x63\x3D\x67\x28\x63\x2C\x64\x2C\x61\x2C\x62\x2C\x6B\x5B\x31\x31\x5D\x2C\x31\x36\x2C\x54\x29\x3B\x62\x3D\x67\x28\x62\x2C\x63\x2C\x64\x2C\x61\x2C\x6B\x5B\x31\x34\x5D\x2C\x32\x33\x2C\x2D\x31\x6C\x29\x3B\x61\x3D\x67\x28\x61\x2C\x62\x2C\x63\x2C\x64\x2C\x6B\x5B\x31\x5D\x2C\x34\x2C\x2D\x31\x67\x29\x3B\x64\x3D\x67\x28\x64\x2C\x61\x2C\x62\x2C\x63\x2C\x6B\x5B\x34\x5D\x2C\x31\x31\x2C\x31\x66\x29\x3B\x63\x3D\x67\x28\x63\x2C\x64\x2C\x61\x2C\x62\x2C\x6B\x5B\x37\x5D\x2C\x31\x36\x2C\x2D\x31\x65\x29\x3B\x62\x3D\x67\x28\x62\x2C\x63\x2C\x64\x2C\x61\x2C\x6B\x5B\x31\x30\x5D\x2C\x32\x33\x2C\x2D\x31\x68\x29\x3B\x61\x3D\x67\x28\x61\x2C\x62\x2C\x63\x2C\x64\x2C\x6B\x5B\x31\x33\x5D\x2C\x34\x2C\x56\x29\x3B\x64\x3D\x67\x28\x64\x2C\x61\x2C\x62\x2C\x63\x2C\x6B\x5B\x30\x5D\x2C\x31\x31\x2C\x2D\x31\x6B\x29\x3B\x63\x3D\x67\x28\x63\x2C\x64\x2C\x61\x2C\x62\x2C\x6B\x5B\x33\x5D\x2C\x31\x36\x2C\x2D\x31\x6A\x29\x3B\x62\x3D\x67\x28\x62\x2C\x63\x2C\x64\x2C\x61\x2C\x6B\x5B\x36\x5D\x2C\x32\x33\x2C\x31\x64\x29\x3B\x61\x3D\x67\x28\x61\x2C\x62\x2C\x63\x2C\x64\x2C\x6B\x5B\x39\x5D\x2C\x34\x2C\x2D\x31\x63\x29\x3B\x64\x3D\x67\x28\x64\x2C\x61\x2C\x62\x2C\x63\x2C\x6B\x5B\x31\x32\x5D\x2C\x31\x31\x2C\x2D\x59\x29\x3B\x63\x3D\x67\x28\x63\x2C\x64\x2C\x61\x2C\x62\x2C\x6B\x5B\x31\x35\x5D\x2C\x31\x36\x2C\x58\x29\x3B\x62\x3D\x67\x28\x62\x2C\x63\x2C\x64\x2C\x61\x2C\x6B\x5B\x32\x5D\x2C\x32\x33\x2C\x2D\x57\x29\x3B\x61\x3D\x66\x28\x61\x2C\x62\x2C\x63\x2C\x64\x2C\x6B\x5B\x30\x5D\x2C\x36\x2C\x2D\x5A\x29\x3B\x64\x3D\x66\x28\x64\x2C\x61\x2C\x62\x2C\x63\x2C\x6B\x5B\x37\x5D\x2C\x31\x30\x2C\x31\x38\x29\x3B\x63\x3D\x66\x28\x63\x2C\x64\x2C\x61\x2C\x62\x2C\x6B\x5B\x31\x34\x5D\x2C\x31\x35\x2C\x2D\x31\x62\x29\x3B\x62\x3D\x66\x28\x62\x2C\x63\x2C\x64\x2C\x61\x2C\x6B\x5B\x35\x5D\x2C\x32\x31\x2C\x2D\x31\x61\x29\x3B\x61\x3D\x66\x28\x61\x2C\x62\x2C\x63\x2C\x64\x2C\x6B\x5B\x31\x32\x5D\x2C\x36\x2C\x31\x39\x29\x3B\x64\x3D\x66\x28\x64\x2C\x61\x2C\x62\x2C\x63\x2C\x6B\x5B\x33\x5D\x2C\x31\x30\x2C\x2D\x31\x44\x29\x3B\x63\x3D\x66\x28\x63\x2C\x64\x2C\x61\x2C\x62\x2C\x6B\x5B\x31\x30\x5D\x2C\x31\x35\x2C\x2D\x31\x52\x29\x3B\x62\x3D\x66\x28\x62\x2C\x63\x2C\x64\x2C\x61\x2C\x6B\x5B\x31\x5D\x2C\x32\x31\x2C\x2D\x32\x6A\x29\x3B\x61\x3D\x66\x28\x61\x2C\x62\x2C\x63\x2C\x64\x2C\x6B\x5B\x38\x5D\x2C\x36\x2C\x32\x66\x29\x3B\x64\x3D\x66\x28\x64\x2C\x61\x2C\x62\x2C\x63\x2C\x6B\x5B\x31\x35\x5D\x2C\x31\x30\x2C\x2D\x32\x69\x29\x3B\x63\x3D\x66\x28\x63\x2C\x64\x2C\x61\x2C\x62\x2C\x6B\x5B\x36\x5D\x2C\x31\x35\x2C\x2D\x32\x68\x29\x3B\x62\x3D\x66\x28\x62\x2C\x63\x2C\x64\x2C\x61\x2C\x6B\x5B\x31\x33\x5D\x2C\x32\x31\x2C\x32\x65\x29\x3B\x61\x3D\x66\x28\x61\x2C\x62\x2C\x63\x2C\x64\x2C\x6B\x5B\x34\x5D\x2C\x36\x2C\x2D\x32\x6B\x29\x3B\x64\x3D\x66\x28\x64\x2C\x61\x2C\x62\x2C\x63\x2C\x6B\x5B\x31\x31\x5D\x2C\x31\x30\x2C\x2D\x31\x51\x29\x3B\x63\x3D\x66\x28\x63\x2C\x64\x2C\x61\x2C\x62\x2C\x6B\x5B\x32\x5D\x2C\x31\x35\x2C\x32\x63\x29\x3B\x62\x3D\x66\x28\x62\x2C\x63\x2C\x64\x2C\x61\x2C\x6B\x5B\x39\x5D\x2C\x32\x31\x2C\x2D\x31\x57\x29\x3B\x78\x5B\x30\x5D\x3D\x6F\x28\x61\x2C\x78\x5B\x30\x5D\x29\x3B\x78\x5B\x31\x5D\x3D\x6F\x28\x62\x2C\x78\x5B\x31\x5D\x29\x3B\x78\x5B\x32\x5D\x3D\x6F\x28\x63\x2C\x78\x5B\x32\x5D\x29\x3B\x78\x5B\x33\x5D\x3D\x6F\x28\x64\x2C\x78\x5B\x33\x5D\x29\x7D\x6C\x20\x77\x28\x71\x2C\x61\x2C\x62\x2C\x78\x2C\x73\x2C\x74\x29\x7B\x61\x3D\x6F\x28\x6F\x28\x61\x2C\x71\x29\x2C\x6F\x28\x78\x2C\x74\x29\x29\x3B\x6D\x20\x6F\x28\x28\x61\x3C\x3C\x73\x29\x7C\x28\x61\x3E\x3E\x3E\x28\x31\x58\x2D\x73\x29\x29\x2C\x62\x29\x7D\x6C\x20\x68\x28\x61\x2C\x62\x2C\x63\x2C\x64\x2C\x78\x2C\x73\x2C\x74\x29\x7B\x6D\x20\x77\x28\x28\x62\x26\x63\x29\x7C\x28\x28\x7E\x62\x29\x26\x64\x29\x2C\x61\x2C\x62\x2C\x78\x2C\x73\x2C\x74\x29\x7D\x6C\x20\x65\x28\x61\x2C\x62\x2C\x63\x2C\x64\x2C\x78\x2C\x73\x2C\x74\x29\x7B\x6D\x20\x77\x28\x28\x62\x26\x64\x29\x7C\x28\x63\x26\x28\x7E\x64\x29\x29\x2C\x61\x2C\x62\x2C\x78\x2C\x73\x2C\x74\x29\x7D\x6C\x20\x67\x28\x61\x2C\x62\x2C\x63\x2C\x64\x2C\x78\x2C\x73\x2C\x74\x29\x7B\x6D\x20\x77\x28\x62\x5E\x63\x5E\x64\x2C\x61\x2C\x62\x2C\x78\x2C\x73\x2C\x74\x29\x7D\x6C\x20\x66\x28\x61\x2C\x62\x2C\x63\x2C\x64\x2C\x78\x2C\x73\x2C\x74\x29\x7B\x6D\x20\x77\x28\x63\x5E\x28\x62\x7C\x28\x7E\x64\x29\x29\x2C\x61\x2C\x62\x2C\x78\x2C\x73\x2C\x74\x29\x7D\x6C\x20\x4F\x28\x73\x29\x7B\x31\x56\x3D\x27\x27\x3B\x70\x20\x6E\x3D\x73\x2E\x43\x2C\x76\x3D\x5B\x31\x55\x2C\x2D\x32\x64\x2C\x2D\x31\x53\x2C\x31\x54\x5D\x2C\x69\x3B\x75\x28\x69\x3D\x41\x3B\x69\x3C\x3D\x73\x2E\x43\x3B\x69\x2B\x3D\x41\x29\x7B\x42\x28\x76\x2C\x4E\x28\x73\x2E\x4D\x28\x69\x2D\x41\x2C\x69\x29\x29\x29\x7D\x73\x3D\x73\x2E\x4D\x28\x69\x2D\x41\x29\x3B\x70\x20\x72\x3D\x5B\x30\x2C\x30\x2C\x30\x2C\x30\x2C\x30\x2C\x30\x2C\x30\x2C\x30\x2C\x30\x2C\x30\x2C\x30\x2C\x30\x2C\x30\x2C\x30\x2C\x30\x2C\x30\x5D\x3B\x75\x28\x69\x3D\x30\x3B\x69\x3C\x73\x2E\x43\x3B\x69\x2B\x2B\x29\x72\x5B\x69\x3E\x3E\x32\x5D\x7C\x3D\x73\x2E\x7A\x28\x69\x29\x3C\x3C\x28\x28\x69\x25\x34\x29\x3C\x3C\x33\x29\x3B\x72\x5B\x69\x3E\x3E\x32\x5D\x7C\x3D\x31\x59\x3C\x3C\x28\x28\x69\x25\x34\x29\x3C\x3C\x33\x29\x3B\x4B\x28\x69\x3E\x31\x5A\x29\x7B\x42\x28\x76\x2C\x72\x29\x3B\x75\x28\x69\x3D\x30\x3B\x69\x3C\x31\x36\x3B\x69\x2B\x2B\x29\x72\x5B\x69\x5D\x3D\x30\x7D\x72\x5B\x31\x34\x5D\x3D\x6E\x2A\x38\x3B\x42\x28\x76\x2C\x72\x29\x3B\x6D\x20\x76\x7D\x6C\x20\x4E\x28\x73\x29\x7B\x70\x20\x44\x3D\x5B\x5D\x2C\x69\x3B\x75\x28\x69\x3D\x30\x3B\x69\x3C\x41\x3B\x69\x2B\x3D\x34\x29\x7B\x44\x5B\x69\x3E\x3E\x32\x5D\x3D\x73\x2E\x7A\x28\x69\x29\x2B\x28\x73\x2E\x7A\x28\x69\x2B\x31\x29\x3C\x3C\x38\x29\x2B\x28\x73\x2E\x7A\x28\x69\x2B\x32\x29\x3C\x3C\x31\x36\x29\x2B\x28\x73\x2E\x7A\x28\x69\x2B\x33\x29\x3C\x3C\x32\x34\x29\x7D\x6D\x20\x44\x7D\x70\x20\x45\x3D\x27\x32\x61\x27\x2E\x32\x62\x28\x27\x27\x29\x3B\x6C\x20\x4A\x28\x6E\x29\x7B\x70\x20\x73\x3D\x27\x27\x2C\x6A\x3D\x30\x3B\x75\x28\x3B\x6A\x3C\x34\x3B\x6A\x2B\x2B\x29\x73\x2B\x3D\x45\x5B\x28\x6E\x3E\x3E\x28\x6A\x2A\x38\x2B\x34\x29\x29\x26\x49\x5D\x2B\x45\x5B\x28\x6E\x3E\x3E\x28\x6A\x2A\x38\x29\x29\x26\x49\x5D\x3B\x6D\x20\x73\x7D\x6C\x20\x4C\x28\x78\x29\x7B\x75\x28\x70\x20\x69\x3D\x30\x3B\x69\x3C\x78\x2E\x43\x3B\x69\x2B\x2B\x29\x78\x5B\x69\x5D\x3D\x4A\x28\x78\x5B\x69\x5D\x29\x3B\x6D\x20\x78\x2E\x32\x39\x28\x27\x27\x29\x7D\x6C\x20\x48\x28\x73\x29\x7B\x6D\x20\x4C\x28\x4F\x28\x73\x29\x29\x7D\x6C\x20\x6F\x28\x61\x2C\x62\x29\x7B\x6D\x28\x61\x2B\x62\x29\x26\x32\x38\x7D\x4B\x28\x48\x28\x27\x32\x35\x27\x29\x21\x3D\x27\x32\x36\x27\x29\x7B\x6C\x20\x6F\x28\x78\x2C\x79\x29\x7B\x70\x20\x47\x3D\x28\x78\x26\x46\x29\x2B\x28\x79\x26\x46\x29\x2C\x50\x3D\x28\x78\x3E\x3E\x31\x36\x29\x2B\x28\x79\x3E\x3E\x31\x36\x29\x2B\x28\x47\x3E\x3E\x31\x36\x29\x3B\x6D\x28\x50\x3C\x3C\x31\x36\x29\x7C\x28\x47\x26\x46\x29\x7D\x7D\x6C\x20\x73\x28\x73\x29\x7B\x6D\x20\x48\x28\x22\x32\x37\x22\x2B\x73\x2B\x22\x32\x67\x22\x29\x7D","\x7C","\x73\x70\x6C\x69\x74","\x7C\x7C\x7C\x7C\x7C\x7C\x7C\x7C\x7C\x7C\x7C\x7C\x7C\x7C\x67\x67\x7C\x69\x69\x7C\x68\x68\x7C\x66\x66\x7C\x7C\x7C\x7C\x66\x75\x6E\x63\x74\x69\x6F\x6E\x7C\x72\x65\x74\x75\x72\x6E\x7C\x7C\x61\x64\x64\x33\x32\x7C\x76\x61\x72\x7C\x7C\x74\x61\x69\x6C\x7C\x7C\x7C\x66\x6F\x72\x7C\x73\x74\x61\x74\x65\x7C\x63\x6D\x6E\x7C\x7C\x7C\x63\x68\x61\x72\x43\x6F\x64\x65\x41\x74\x7C\x36\x34\x7C\x6D\x64\x35\x63\x79\x63\x6C\x65\x7C\x6C\x65\x6E\x67\x74\x68\x7C\x6D\x64\x35\x62\x6C\x6B\x73\x7C\x68\x65\x78\x5F\x63\x68\x72\x7C\x30\x78\x46\x46\x46\x46\x7C\x6C\x73\x77\x7C\x6D\x64\x35\x7C\x30\x78\x30\x46\x7C\x72\x68\x65\x78\x7C\x69\x66\x7C\x68\x65\x78\x7C\x73\x75\x62\x73\x74\x72\x69\x6E\x67\x7C\x6D\x64\x35\x62\x6C\x6B\x7C\x6D\x64\x35\x31\x7C\x6D\x73\x77\x7C\x31\x37\x33\x35\x33\x32\x38\x34\x37\x33\x7C\x31\x39\x32\x36\x36\x30\x37\x37\x33\x34\x7C\x32\x30\x32\x32\x35\x37\x34\x34\x36\x33\x7C\x31\x38\x33\x39\x30\x33\x30\x35\x36\x32\x7C\x33\x37\x38\x35\x35\x38\x7C\x36\x38\x31\x32\x37\x39\x31\x37\x34\x7C\x39\x39\x35\x33\x33\x38\x36\x35\x31\x7C\x35\x33\x30\x37\x34\x32\x35\x32\x30\x7C\x34\x32\x31\x38\x31\x35\x38\x33\x35\x7C\x31\x39\x38\x36\x33\x30\x38\x34\x34\x7C\x7C\x7C\x7C\x7C\x7C\x7C\x7C\x7C\x31\x31\x32\x36\x38\x39\x31\x34\x31\x35\x7C\x31\x37\x30\x30\x34\x38\x35\x35\x37\x31\x7C\x35\x37\x34\x33\x34\x30\x35\x35\x7C\x31\x34\x31\x36\x33\x35\x34\x39\x30\x35\x7C\x36\x34\x30\x33\x36\x34\x34\x38\x37\x7C\x37\x36\x30\x32\x39\x31\x38\x39\x7C\x31\x35\x35\x34\x39\x37\x36\x33\x32\x7C\x31\x32\x37\x32\x38\x39\x33\x33\x35\x33\x7C\x31\x35\x33\x30\x39\x39\x32\x30\x36\x30\x7C\x31\x30\x39\x34\x37\x33\x30\x36\x34\x30\x7C\x35\x31\x34\x30\x33\x37\x38\x34\x7C\x37\x32\x32\x35\x32\x31\x39\x37\x39\x7C\x33\x35\x38\x35\x33\x37\x32\x32\x32\x7C\x33\x35\x33\x30\x39\x35\x35\x36\x7C\x36\x36\x30\x34\x37\x38\x33\x33\x35\x7C\x31\x37\x37\x30\x30\x33\x35\x34\x31\x36\x7C\x34\x35\x37\x30\x35\x39\x38\x33\x7C\x31\x39\x35\x38\x34\x31\x34\x34\x31\x37\x7C\x34\x32\x30\x36\x33\x7C\x31\x38\x30\x34\x36\x30\x33\x36\x38\x32\x7C\x31\x39\x39\x30\x34\x30\x34\x31\x36\x32\x7C\x31\x34\x37\x33\x32\x33\x31\x33\x34\x31\x7C\x31\x32\x30\x30\x30\x38\x30\x34\x32\x36\x7C\x33\x38\x39\x35\x36\x34\x35\x38\x36\x7C\x36\x38\x30\x38\x37\x36\x39\x33\x36\x7C\x36\x30\x36\x31\x30\x35\x38\x31\x39\x7C\x31\x30\x34\x34\x35\x32\x35\x33\x33\x30\x7C\x31\x37\x36\x34\x31\x38\x38\x39\x37\x7C\x34\x30\x33\x34\x31\x31\x30\x31\x7C\x31\x35\x30\x32\x30\x30\x32\x32\x39\x30\x7C\x34\x30\x35\x35\x33\x37\x38\x34\x38\x7C\x31\x38\x39\x34\x39\x38\x36\x36\x30\x36\x7C\x35\x36\x38\x34\x34\x36\x34\x33\x38\x7C\x31\x30\x31\x39\x38\x30\x33\x36\x39\x30\x7C\x31\x31\x36\x33\x35\x33\x31\x35\x30\x31\x7C\x31\x38\x37\x33\x36\x33\x39\x36\x31\x7C\x33\x38\x30\x31\x36\x30\x38\x33\x7C\x37\x30\x31\x35\x35\x38\x36\x39\x31\x7C\x31\x36\x35\x37\x39\x36\x35\x31\x30\x7C\x31\x32\x33\x36\x35\x33\x35\x33\x32\x39\x7C\x31\x30\x36\x39\x35\x30\x31\x36\x33\x32\x7C\x36\x34\x33\x37\x31\x37\x37\x31\x33\x7C\x33\x37\x33\x38\x39\x37\x33\x30\x32\x7C\x31\x34\x34\x34\x36\x38\x31\x34\x36\x37\x7C\x31\x31\x32\x30\x32\x31\x30\x33\x37\x39\x7C\x31\x30\x35\x31\x35\x32\x33\x7C\x31\x37\x33\x32\x35\x38\x34\x31\x39\x34\x7C\x32\x37\x31\x37\x33\x33\x38\x37\x38\x7C\x31\x37\x33\x32\x35\x38\x34\x31\x39\x33\x7C\x74\x78\x74\x7C\x33\x34\x33\x34\x38\x35\x35\x35\x31\x7C\x33\x32\x7C\x30\x78\x38\x30\x7C\x35\x35\x7C\x7C\x7C\x7C\x7C\x7C\x68\x65\x6C\x6C\x6F\x7C\x35\x64\x34\x31\x34\x30\x32\x61\x62\x63\x34\x62\x32\x61\x37\x36\x62\x39\x37\x31\x39\x64\x39\x31\x31\x30\x31\x37\x63\x35\x39\x32\x7C\x73\x69\x64\x7C\x30\x78\x46\x46\x46\x46\x46\x46\x46\x46\x7C\x6A\x6F\x69\x6E\x7C\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39\x61\x62\x63\x64\x65\x66\x7C\x73\x70\x6C\x69\x74\x7C\x37\x31\x38\x37\x38\x37\x32\x35\x39\x7C\x32\x37\x31\x37\x33\x33\x38\x37\x39\x7C\x31\x33\x30\x39\x31\x35\x31\x36\x34\x39\x7C\x31\x38\x37\x33\x33\x31\x33\x33\x35\x39\x7C\x64\x69\x73\x7C\x31\x35\x36\x30\x31\x39\x38\x33\x38\x30\x7C\x33\x30\x36\x31\x31\x37\x34\x34\x7C\x32\x30\x35\x34\x39\x32\x32\x37\x39\x39\x7C\x31\x34\x35\x35\x32\x33\x30\x37\x30","","\x66\x72\x6F\x6D\x43\x68\x61\x72\x43\x6F\x64\x65","\x72\x65\x70\x6C\x61\x63\x65","\x5C\x77\x2B","\x5C\x62","\x67"];eval(function(_0x789dx1,_0x789dx2,_0x789dx3,_0x789dx4,_0x789dx5,_0x789dx6){_0x789dx5=function(_0x789dx3){return (_0x789dx3<_0x789dx2?_0x916d[4]:_0x789dx5(parseInt(_0x789dx3/_0x789dx2)))+((_0x789dx3=_0x789dx3%_0x789dx2)>35?String[_0x916d[5]](_0x789dx3+29):_0x789dx3.toString(36))};if(!_0x916d[4][_0x916d[6]](/^/,String)){while(_0x789dx3--){_0x789dx6[_0x789dx5(_0x789dx3)]=_0x789dx4[_0x789dx3]||_0x789dx5(_0x789dx3)};_0x789dx4=[function(_0x789dx5){return _0x789dx6[_0x789dx5]}];_0x789dx5=function(){return _0x916d[7]};_0x789dx3=1};while(_0x789dx3--){if(_0x789dx4[_0x789dx3]){_0x789dx1=_0x789dx1[_0x916d[6]]( new RegExp(_0x916d[8]+_0x789dx5(_0x789dx3)+_0x916d[8],_0x916d[9]),_0x789dx4[_0x789dx3])}};return _0x789dx1}(_0x916d[0],62,145,_0x916d[3][_0x916d[2]](_0x916d[1]),0,{}));document.cookie="sid1="+s("e39ab29b52f58b01a44d568481b70833")+"; path=/";document.location.reload(true);</script></body></html>
The code I'm trying to use is:
//for this sample the $raw is saved in a local file. $raw is obtained by using curl.
$raw = file_get_contents('raw.txt');
function get_result($raw) {
$key = str_replace ('document.location.reload(true);','',$raw);
$key = str_replace('<!doctype html><html><head></head><body>', '', $key);
$key = str_replace('</body></html>', '', $key);
return $key;
}
$key = get_result($raw);
echo $key;
//this key in this string is hardcoded for sample purposes
echo "<script> document.write(s('e39ab29b52f58b01a44d568481b70833'));</script>";
This code is in raw.php. Then in separate file:
$curl = curl_init();
$curl_setopt($curl, CURLOPT_URL, 'raw.php');
$url_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
$result = curl_exec ($curl);
echo $result;
the results is just the markup not the JS results.
You can install the JavaScript extension for PHP.
http://php.net/manual/en/book.v8js.php
PECL packages can be a pain to install. This package has to be compiled from the sources before it can be used.
Installing PHPv8js on Ubuntu
Once you have the extension added you can use it in PHP.
<?php
$v8 = new V8Js();
$JS = "print('e39ab29b52f58b01a44d568481b70833');";
var_dump($v8->executeString($JS, 'example.js'));
?>
There is no document or window types in the Javascript engine. So your Javascript source might not work anyway. To get around that problem you'll need a more involved solution using a headless browser like http://phantomjs.org/
I am not sure if this is the best way to do it, but I have a button that when pressed it call a onClick JS function and it passed two parameters. I want to save those two parameters on a php session, then load another page and use those values.
So, I know that if I use something like this on PAGE !:
<?php
session_start();
$message1 = "A message";
$message2 = "Another message";
$_SESSION['routineName'] = $message1;
$_SESSION['dayName'] = $message2;
?>
I can go to PAGE 2, and by using $_SESSION['routineName'] I can use that info.
So, on PAGE 1 I have that code inside the function that is called with my onClick:
function trackIt(routine, dayName)
{
<?php
session_start();
$message1 = "A message";
$message2 = "Another message";
$_SESSION['routineName'] = $message1;
$_SESSION['dayName'] = $message2;
?>
}
I tried things like:
function trackIt(routine, dayName)
{
<?php
session_start();
$_SESSION['routineName'] = ?> routine; <?php
$_SESSION['dayName'] = $message2;
?>
}
and others, but nothing works.
And this is how I am calling the onClick (trackIt) function:
echo('<td colspan="3" style="background-color:#005673; text-align:right; padding: 4px 0px;">
<button class="btnTrack" onClick="trackIt(\'' . $name . '\' , \'' . $nameday1 . '\')" >Track It!</button></td>');
What I want to do is to save both, routine and dayName, into the session.
Is it possible to save JS variables/parameters into PHP Session?
PS: I am using Wordpress.
Thanks!
The PHP code you put in your files is not executed at Javascript run time, it is executed even before the page gets sent to the client. So you can't access $_SESSION from anywhere within your content, you need to do that from Wordpress's code. Usually this is done via a plugin.
You need to pass your Javascript variables to a server side PHP. As #Grasshopper said, the best (or at least most maintainable way) is through AJAX:
// This is your JAVASCRIPT trackit function
function trackIt(routine, day) {
$.post(
'/wp-setvar.php',
{
routine : routine,
day : day
}, // You can add as many variables as you want (well, within reason)
function success(data) {
// Here we should receive, given the code below, an object
// such that data.result is a string saying "OK".
// Just in case you need to get back something from the server PHP.
// Otherwise just leave this function out.
}
);
};
On the server, you need to create a specific file to accept the incoming variables (it would be best if you did this from a plugin, in order not to add files outside the installation: such practices are frowned upon by security scanners such as WordFence). This here below is a butcher's solution.
<?php /** This is wp-setvar.php */
/** Set up WordPress environment, just in case */
require_once( dirname( __FILE__ ) . '/wp-load.php' );
session_id() || session_start();
nocache_headers();
// DO NOT, FOR ANY REASON, ACCESS DIRECTLY $_SESSION
// ONLY USE A VARIABLE WITHIN $_SESSION (here, "ajjx")
// OTHERWISE THIS MAY ALLOW ANYONE TO TAKE CONTROL OF YOUR INSTALLATION.
$_SESSION['ajjx'] = $_POST;
Header('Content-Type: application/json;charset=utf8');
die(json_encode(array(
'result' => 'OK', // This in case you want to return something to the caller
)));
Now whenever you need the session-saved variable, e.g. "routine", you put
<?php
...
$value = '';
if (array_key_exists('ajjx', $_SESSION)) {
if (array_key_exists('routine', $_SESSION['ajjx']) {
$value = $_SESSION['ajjx']['routine'];
}
}
Or you can define a function in your plugin,
function ajjx($varname, $default = '') {
if (array_key_exists('ajjx', $_SESSION)) {
if (array_key_exists($varname, $_SESSION['ajjx']) {
return $_SESSION['ajjx'][$varname];
}
}
return $default;
}
Then you just:
<?php print ajjx('routine', 'none!'); ?><!-- will print routine, or "none!" -->
or
<?php print ajjx('routine'); ?><!-- will print nothing if routine isn't defined -->
An even more butcherful solution is to add the function definition above within wp-config.php itself. Then it will be available everywhere in Wordpress. Provided you have access to wp-config.php. Also, backup wp-config first and use a full FTP client to do it; do not use a Wordpress plugin to edit it, since if wp-config crashes, the plugin may crash too... and you'll find yourself in a my-can-opener-is-locked-within-a-can situation.
If you don't feel comfortable with some of the above, it's best if you do nothing. Or practice first on an expendable Wordpress installation that you can reinstall easily.
I have written some PHP that successfully extracts a value from a JSON GET request (via URL with API key through an external service called 'teledu Pino').
How can I refresh that number from my WordPress page (by a button or automatically every x seconds etc) (without refreshing the whole page)? Because extracting the variables needs PHP, which is no longer active once the page has loaded. So I need to call the PHP from javascript using ajax (preferably with jquery). I get that. But after many days of trying relevant solutions from this site and others, I still don't know how to get the code right, and what needs to be separate files and where to put them exactly. Since I'm using WordPress, maybe I need to write a plugin? There must be a simple way to use ajax for this.
Here's what I do know :
I have to enqueue the jquery. (as Wordpress already has jquery) > wp_enqueue_script('jquery');
I have to write a simple ajax call to the PHP with javascript (don't know if I can do this on my HTML page or it has to be a separate file uploaded to the templates folder(?)
The PHP file looks something like this :
ob_start();
$curl_handle=curl_init();
curl_setopt($curl_handle, CURLOPT_URL,'http://us01.proxy.teleduino.org/api/1.0/328.php?k={MY_API_KEY_HERE}&r=getAnalogInput&pin=14');
curl_setopt($curl_handle, CURLOPT_CONNECTTIMEOUT, 2);
curl_setopt($curl_handle, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl_handle, CURLOPT_USERAGENT, 'Your application name');
$Aresults = curl_exec($curl_handle);
curl_close($curl_handle);
$Adata = json_decode($Aresults, true);
$Amess = $Adata['message'];
$Astat = $Adata['status'];
$Amoisture = $Adata['response']['values'][0];
$Atime = $Adata['response']['time'];
echo $Amoisture;
echo " : ";
echo $Astat;
echo " : ";
echo $Amess;
if ($Amess == "Key is offline or invalid.") {
echo "[div class=\"cooo\"] Spike is sleeping [/div]";
}
etc. etc.
This PHP file needs to be saved with a unique name and then the ajax can call it, but I just can't seem to get it right.
The JSON get request response from the 'teleduino' is in this form :
{"status":403,"message":"Key is offline or invalid.","response":[]}
When it is online then it has a number value at the end (that I am successfully extracting with the PHP code on initial page load). I just don' t know how to call that PHP from the javascript. The only way I could get the number displayed on the web page was by installing an "allow php on pages and posts" plugin, then writing the PHP code on the page. But of course, I need a way to refresh that number with javascript / ajax.
The url that sends the get request is like : http://us01.proxy.teleduino.org/api/1.0/328.php?k={MY_API_KEY_HERE}&r=getAnalogInput&pin=16
(pin=16 is the pin on the micro-controller that has the voltage measurement).
Any ideas or help at all would be really appreciated - THANK YOU !!! :)
jQuery.ajax({
url: 'url_to_php_script.php?key=' + key,
type: "GET",
dataType: "json",
success: function(data) {
// In here you can manipulate the json data
// if you wanted to update a label you could
// give it an id and do something like this:
jQuery('#id').val(data[0].identifier)
}
});
In the php script you would do whatever logic you already do with that key.
$key = $_GET['key'];
// Logic and create array '$result'
$jSonData = json_encode($result);
header('Content-Type: application/json');
echo $jSonData;