1

I have been trying to figure this out for two days and have had no luck.I am using PHP with Javascript and I am trying to access a Javascript variable on another Page.

Here is my Javascript code which is only alerting the user what taskID is...

<script>
function myFunction(taskID)
{
alert("Task #" + taskID);

}
</script>

Here is my PHP

//select all tasks for this report
            $tasks = mysqli_query($conn,"SELECT taskID, hoursSpent, workDone, plannedTasks FROM Tasks where reportID = $report_id AND projID = $proj_id");
            $task_count = 1;
            while($row1 = mysqli_fetch_array($tasks))
            {
                $taskID = $row1['taskID'];
                //display the task information
                echo "<strong id='tasks'>Task #" . $task_count . "</strong>";
                echo " - <a href = '#' onclick ='myFunction($taskID)'>Edit</a><br>";


                echo "Hours Spent: " . $row1['hoursSpent'] . "<br><br>"; 
                echo "Accomplished: <br>" . $row1['workDone'] . "<br><br>";
                echo "Planned for Next week: <br>" . $row1['plannedTasks'] . "<br>";
                echo "<br>";
                $task_count++;
            }

how can i pass that taskID to another page so i can edit the task information?

Thanks!

Improve this question
4
  • easiest as a GET variable: "mysite.com/otherpage.php?taskID=3" Commented Apr 16, 2013 at 17:14
  • Erm, link to page?task=123? Doesn't that work for you? Commented Apr 16, 2013 at 17:14
  • location="nextpage.php?task="+taskId Commented Apr 16, 2013 at 17:15
  • 1
    There are multiple solutions, like: 1) in URL (eg. using query parameter), 2) in cache, 3) in pushState/onpopstate states, 4) in hash (theoretically part of URL, but not visible to server), or even in 5) session, 6) localStorage etc. - it all depends what exactly you are trying to achieve. I would however stick to using URL for this, if your pages are pretty static and you want to give the ability to open more than one at once. Commented Apr 16, 2013 at 17:22

2 Answers 2

Reset to default
2

Just change this:

echo " - <a href = '#' onclick ='myFunction($taskID)'>Edit</a><br>";

To

echo " - <a href = 'editTask.php?id=".$taskID."'>Edit</a><br>";

And you're there. Just make sure that, in the editTask.php file, you check the id:

$editID = (int) $_GET['id'];//<-- $editID will hold an int, that is the id of the record the user wanted to edit.

Quite apart from that: good to see you're using an up-to-date extension for mysql. Nevertheless, code like this:

mysqli_query($conn,"SELECT taskID, hoursSpent, workDone, plannedTasks FROM Tasks where reportID = $report_id AND projID = $proj_id");

Will leave you vulnerable for injection attacks. Please do look into prepared statements.

$tasks = mysqli_query($conn, 'SELECT taskID, hoursSpent, workDone, plannedTasks FROM Tasks WHERE reportID = ? AND projID = ?');
mysqli_stmt_bind_param($tasks, 'i', $reportID);//replace i with s if should be a string etc...

Once your building queries based on client side data (which you will be doing with this: using the url to get the id...), it's the easiest way to protect yourself against a very common threat.

check this link
This one
And of course, this one to understand what injection is

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Thank you so much! I was overlooking it and now I feel really dumb. Have been looking into the prepared statements and already have two prepared insert statements. Will change the select queries to be prepared as well. Thanks again!
@user1536365: Glad I could help... though I appreciate your comment, the SO way of thanking somebody is by accepting the answer (clicking the large tick next to the answer)... you'll get some rep for it, too
0

Like this

<script>
function myFunction(taskID) {
  location="nextpage.php?task="+taskID;
  return false;

}
</script>



echo " - <a href = '#' onclick ='return myFunction("'.$taskID.'")'>Edit</a>

Or simpler

echo " - <a href='nextpage.php?task='.$taskID.'">Edit</a>
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.