问题
This php function currently redirects the user to another page if they aren't logged in
if(!isset($_SESSION['SESS_USER_ID']) || (trim($_SESSION['SESS_USER_ID']) == '')){
header("location: login_failed.html");
exit();
}
How can I change the function so that instead of redirecting the user it does the following:
- Triggers the javascript function:
loginFailed(); - Prevents specific iframes which are preloaded from launching (these require a user to be logged in, and are currently opening as empty iframes if they're not logged in). I've included the script for this below. Alternatively, preventing iframes from launching which have a specific class or data-fancybox-type, or those which require
!isset($_SESSION['SESS_USER_ID']).
The functions which I want to trigger/prevent
function loginFailed() {
$().toastmessage('showToast', {
text: 'Log In Failed<br/><br/>Please check your username and password',
sticky: false,
position: 'top-center',
type: 'message',
closeText: '',
close: function () { console.log("toast is closed ...") }
});
}
$(function () {
$(".fancybox").fancybox({
preload: true,
});
$(".fancybox").eq(0).trigger('click');
});
I've tried:
echo "<script>loginFailed();</script>";
echo "<script type="text/javascript">loginFailed();</script>";
echo "<script type="text/javascript">loginFailed;</script>";
回答1:
Adding on to techfoobar's answer...
It is generally a good practice to put your variables from PHP into Javascript (if needed) and letting Javascript handle it, as opposed to echoing different javascript depending on a PHP variable.
Keep in mind that all javascript variables CAN be manipulated by the client.
Try something like this:
if(!isset($_SESSION['SESS_USER_ID']) || (trim($_SESSION['SESS_USER_ID']) == '')){
$t="no_session";
}
else{
$t="yes_session";
}
....
<script>
var session="<?php echo $t; ?>";
if(session == "no_session")
loginFailed();
</script>
回答2:
PHP runs on the server side. JavaScript runs on the client side inside the browser. PHP cannot directly invoke JavaScript functions.
PHP can however render JavaScript along with the HTML to the browser so that the browser can in turn run it.
In your particular case, one thing you can do is check for logged-in status via an AJAX call and call the required JS methods on its success callback.
Example:
For checking the login status:
/* JS */
function checkLoginState() {
$.post('/yourserver.com/isloggedin.php', function(data) {
if(data != "OK") { // not logged in
// call your JS method thats disables stuff etc.
loginFailed();
}
});
}
// Periodically check login state
setInterval(checkLoginState, 10000); // check every 10 seconds, change as needed.
/* PHP - isloggedin.php */
if(!isset($_SESSION['SESS_USER_ID']) || (trim($_SESSION['SESS_USER_ID']) == '')){
echo "NOT OK";
}
else {
echo "OK";
}
回答3:
I combined @hellohellosharp's suggestion with a solution which was given to me by @willoller for another problem and figured it out :-)
Add this to the php:
$logged_in = (isset($_SESSION['SESS_USER_ID']));
Add this to the javascript:
<?php if ($logged_in) : ?>
<a class="fancybox" data-fancybox-type="iframe" href="iframe1.html"></a>
<?php else : ?>
loginFailed();
<?php endif; ?>
I'm also using this to change the menu options based on whether or not a user's logged in.
Just a reminder - this uses ISSET to determine what javascript should show, but it only changes the user's experience and doesn't provide any security.
来源:https://stackoverflow.com/questions/13871458/triggering-or-preventing-a-javascript-function-if-sessionsess-user-id-isn