-1

Is it possible with Javascript to dynamically generate php code and run it without reloading?

Improve this question
8
  • 1
    javascript is a client language, php a server language... i think the answer is no... why you want this? Commented Mar 9, 2012 at 9:36
  • Yes, but don't do it. It would be horribly, horribly unsecure. If you described a bit what you want to accomplish, I'm sure that there's another way of getting to it. Commented Mar 9, 2012 at 9:37
  • 1
    Why the heck would you want to do that?? Commented Mar 9, 2012 at 9:37
  • 1
    You should just send the parameters that set the "things", not the entire PHP code itself. Commented Mar 9, 2012 at 9:39
  • 1
    You can hand over parameters (post and/or get, e.g. an articleId) to the PHP script via the Ajax call. The PHP script could analyze these and respond accordingly (e.g. respond with the corresponding article). This is common practice. Commented Mar 9, 2012 at 9:39

3 Answers 3

Reset to default
2

Well, technically, you could use ajax to send the code to backend that would then save it and another ajax call to run it but that would be a tremendous security hole, i.e. DONT DO IT

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

2

You have to understand something, Javascript is Client-Side language, and PHP is Server-Side, hence you can't use Javascript to "generate" PHP code.

What you can do is send data through a request via POST or GET using AJAX to a PHP file, which will do something with that data and then return a response without reloading the page.

Improve this answer

1 Comment

actually as scibuff said you can, you could send the php code via AJAX to a php file which will receive the php code as a string and then save it, but as Juhana said, it would be a TREMENDOUS security hole, as anyone with access to that form to create and run php code on your server would have entire access to it
0

Yes you can do it but it is pointless and dangerous. You can "generate" php code for some purposes /eg automated php script modification/ but you should never allow server side to directly execute unescaped input.

Looking at your question I suppose you dont clearly make the difference between Client and Server sides scripting. So make sure you realize it!

I suggest you think again and find better solution to your problem /or ask if you cant/.

Some further information : XSS

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.