0

I have a php function that builds a list of items for me. Im not sure but i read that you cant call a php function explicitly though jQuery/js.

So i saw that you can still call php pages like this:

$("#name").click(function(){  
  $("#div").load("script.php");  
});

If i can call a php page like that, is there also a way to send it a URL when that page is loaded like this?

$("#name").click(function(){  
  $("#div").load("script.php", 'http://gdata.youtube.com/feeds/');  
});

also another problem comes up that how do i make the script accept that string through from jQuery?

normally when you call a function you pass parameter with the call like so:

<?php makeList( 'http://gdata.youtube.com/feeds/' ); ?>

//on the function-side
<?php 
function makeList( $feedURL ) 
{
//...stuff that uses $feedURL...
}
?>

Since i will make the function a script that runs upon being called how would i pass it a parameter?

I have no idea if this is possible or not and i would understand if this creates tons of security issues which makes it not acceptable.

Improve this question
5
  • 3
    You'd be basically turning your PHP script into a proxy server, and anyone looking at your JS code would realize they can use YOUR script to request any web content they want. Just sit back and wait for that knock on the door, followed by loud thumps, splintering noises, and lots of yelling. Commented Jul 26, 2011 at 18:52
  • my php script is a rss parser.. if your trying to warn me of something, do tell, instead of turning it into a joke. this is a community that helps right? at least i know you care a bit :D Commented Jul 26, 2011 at 19:36
  • Doesn't matter if it's an rss parser. If you're allowing external url specifications, someone WILL try to pass in http://.../script.php?http://hot_child_porn_here.com Commented Jul 26, 2011 at 19:37
  • i still am confused about this but wont jquery or the rss parser catch these? this actually was a hypothetical question that i didnt know that answer to but if you think its a bad idea and anything child_p0rn IS bad then i wont use this method Commented Jul 26, 2011 at 19:51
  • Depends on how open you want to be. Even just hitting a site or particular part of a site could be construed as 'bad'. If you're the only person who'd ever use this, then no problem. If you'r emaking it general-availability, you're going to have to consider this sort of thing. Commented Jul 26, 2011 at 19:57

2 Answers 2

Reset to default
1

You have the $.get and $.post methods in jQuery.

$.post('script.php', { url: 'http://gdata.youtube.com/feeds/' }, function(data) {
    //data will hold the output of your script.php
});

The url is posted to your PHP script and you can access it through $_POST['url'].

Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

so do i print out DATA after because my script already echos out everything. my script doesn't return anything just echos out the list
$('.div').html(data); is that what i need to print out what my script produces? should i have my script return a string and jquery prints it?
Thats correct, everything your scripts echos will be in data. $('.div').html(data); will fill the div with everything your script echoed. Just write it inside the function(data) { }
considering the code that you provided me should i be worried of any security issues as mentioned above in the comments?
Of course, because anyone can pass any url to your php script. At this point, you have to make sure, that your php script is only handling "fine" urls, which shouldn't harm you. Its less a security issue but more a law issue, if someone passes a url like hot_child_porn_here.com (comment from Marc B) and your server is parsing the content and displaying all images on the passed site, then YOUR server is displaying these images as a proxy. I dont know the laws in the United States, but here in Germany you may find yourself infront of a court.
|
0

See jQuery.ajax(), the 'sending data to the server' example.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.