Passing PHP Variable to a Javascript How do I do this? 2

[Zych]

Hello All,

I am parsing some XML with PHP and push it into a PHP variable. I want to pass this to a Javascript variable to use in a javascript script. How do you do this?

Here is a small example of what I am trying to do but does not work:

<SCRIPT LANGUAGE="JavaScript">

<!-- Begin

var wholemessage=''

//text: change to your own

wholemessage='<?php echo $TheWholeMessage; ?>'

function start(){
if (document.all) return
....

Thanks,

Zych

 

[Vragabond]

Does not work is not really descriptive. Does the value of $TheWholeMessage appear in the correct place? Where does this variable come from (in PHP)? Is it a PHP error (nothing between the quotes) or a JavaScript error? These are a few questions you need to answer before we begin helping you.

 

[Zych]

Hey Vragabond,

I think I am getting closer to fixing it. Apparently the problem is in the string that is being passed not the passing itself. I just replaced it with a simple string and it worked. When I said it did not work, what it did not do is show any of the text and no error. I am going to have to play with it and see what is causing it to fail. It may be too long but I am not sure. Thanks for your help.

- Zych

 

[kenrbnsn]

Be carefull. If the XML that you are generating contains a single quote, the Javascript assignment will fail.

I've run into that problem recently.

Ken

 

[DRJ478]

Maybe the string contains single quotes or something else that destroys the correct JavaScript context. That's what it looks like. The absence of an error indicates that the JS is never executed.

 

[Zych]

Damn it! I should have looked her before going through this. Your comments would have made this a little faster. You all are very close. The culprit is a ' which is supposed to be a '. For example it may say Apple's new computer .... etc.

I have also noticed another area which may cause problems and that is a " For example it says "Blue Tag" tracking, positioning, and privacy issues

I would imagine that there is a way in PHP to replace strings in another string. How would I do this and how should I replace it? For example should I replace ' with a /' ?

Thanks Zych

 

[Zych]

For other people's reference the string that needs to be used instead of a ' is \u0027 and for " it is \u0022. I have tested this and it works great. Now I just need to find the php code to replace a string with another string. In other words I would need to change:

Apple&#39s new system

so it reads:

Apple\u0027s new system

and then of course the same with the quotes.

- Zych

 

[kenrbnsn]

You can use the function str_replace().

$string = 'Apple&#39s new system';
$string = str_replace('&#39s','\u0027s',$string);

Ken

 

[DRJ478]

str_replace() is the function you want to look at.
Example:

$str = str_replace(''','\u0027',$subject);

However, I don't understand yet why the HTML entity ' breaks your JavaScript. Please explain.

 

[DRJ478]

Just as a note:
All HTML entities end with a semicolon.

 

[Zych]

Hey DRJ478,

I am not sure why it breaks the javascript. I just replaced it and it worked. I am not sure which one of the characters caused the problem.

And thanks to the two of you for finding this for me. I will let you know how this works.

- Zych

 

[Zych]

Now I am going to have to correct myself. I went back and tried to figure out what exactly was breaking it. I swear I took out the ' and it worked but I tried it again and it worked fine with it.

I have now found out it is in some spacing in the XML. Apparently it is either the length of the string (which is currently 4829) or that it does not like a lot of spaces.

I went back into the source and copied out the exact string, went back into the program and changed it from a php variable to the exact string. It did not work this way either. I then removed all the extra spaces and it worked.

here is the string below:

wholemessage='&nbsp;<br><div class="itemtitle"><a class="itemtitle" 
href="[URL unfurl="true"]http://www.securityfocus.com/news/11260?ref=rss"[/URL] 
target="_blank">News: Device drivers filled with flaws, threaten 
security</a></div><div class="itemdescription">The uneven skills of driver 
programmers have left a legion of holes in software that ships with Windows 
and Linux, security experts say.</div><br>&nbsp;<br><div 
class="itemtitle"><a class="itemtitle" 
href="[URL unfurl="true"]http://www.securityfocus.com/news/11235?ref=rss"[/URL] 
target="_blank">News: Witty worm flaws reveal source, initial 
targets</a></div><div class="itemdescription">The worm&#39;s creator used a 
computer at an European ISP to spread the program Internet-wide a year ago, 
starting with 110 systems at a U.S. military base, an analysis 
reveals.</div><br>&nbsp;<br><div class="itemtitle"><a class="itemtitle" 
href="[URL unfurl="true"]http://www.securityfocus.com/news/11281?ref=rss"[/URL] 
target="_blank">News: Irish college deploys fingerprint 
scanners</a></div><div class="itemdescription">It was with a little fanfare 
of trumpets that St Andrew&#39;s College in Dublin today announced it has 
rolled out a biometric student registering solution which allows the 
reading of kids&#39; fingerprints without physically storing an image of 
same.</div><br>&nbsp;<br><div class="itemtitle"><a class="itemtitle" 
href="[URL unfurl="true"]http://www.securityfocus.com/news/11280?ref=rss"[/URL] 
target="_blank">News: July trial for Sasser suspect</a></div><div 
class="itemdescription">The German teenager accused of creating the 
infamous Sasser worm faces a July trial for computer sabotage 
offences</div><br>&nbsp;<br><div class="itemtitle"><a class="itemtitle" 
href="[URL unfurl="true"]http://www.securityfocus.com/infocus/1834?ref=rss"[/URL] 
target="_blank">Infocus: Bluetooth Security Review, Part 2</a></div><div 
class="itemdescription">Part 2 of the Bluetooth series looks at several 
unpublished vulnerabilities in Symbian based phones, and then moves on to 
discuss &quot;Blue Tag&quot; tracking, positioning, and privacy 
issues.</div><br>&nbsp;<br><div class="itemtitle"><a class="itemtitle" 
href="[URL unfurl="true"]http://www.securityfocus.com/infocus/1833?ref=rss"[/URL] 
target="_blank">Infocus: Chrooted Snort on Solaris</a></div><div 
class="itemdescription">This article discusses the installation and 
configuration of a chrooted Snort IDS on most versions of 
Solaris.</div><br>&nbsp;<br><div class="itemtitle"><a class="itemtitle" 
href="[URL unfurl="true"]http://www.securityfocus.com/infocus/1832?ref=rss"[/URL] 
target="_blank">Infocus: Web Browser Forensics, Part 2</a></div><div 
class="itemdescription">Part 2 of this web browser forensics series looks 
at reconstructing Mozilla Firefox&#39; cache in order to catch an internal 
hacker using an administrator&#39;s account</div><br>&nbsp;<br><div 
class="itemtitle"><a class="itemtitle" 
href="[URL unfurl="true"]http://www.securityfocus.com/infocus/1831?ref=rss"[/URL] 
target="_blank">Infocus: Software Firewalls versus Wormhole 
Tunnels</a></div><div class="itemdescription">This article explains how the 
PCAP library on Windows can be used to render software firewalls and client 
VPN environments ineffective, easily bypassing traditional security 
measures.</div><br>&nbsp;<br><div class="itemtitle"><a class="itemtitle" 
href="[URL unfurl="true"]http://www.securityfocus.com/columnists/330?ref=rss"[/URL] 
target="_blank">Columnists: White Hat or White Whale?</a></div><div 
class="itemdescription">Sometimes an obsession over any one security 
approach, whether it&#39;s policy or a specific technology, can be a very 
unhealthy thing overall.</div><br>&nbsp;<br><div class="itemtitle"><a 
class="itemtitle" 
href="[URL unfurl="true"]http://www.securityfocus.com/columnists/329?ref=rss"[/URL] 
target="_blank">Columnists: Is Deleting Spyware A Crime?</a></div><div 
class="itemdescription">The murky waters that sustain the spyware companies 
may have a few unpleasant surprises just beneath the 
surface</div><br>&nbsp;<br><div class="itemtitle"><a class="itemtitle" 
href="[URL unfurl="true"]http://www.securityfocus.com/elsewhere?ref=rss"[/URL] 
target="_blank">Elsewhere: IM worm lures users to the dark 
side</a></div><div class="itemdescription">Users of AOL and Yahoo instant 
messaging clients have been bombarded with a phishing attack that plays on 
the current interest in Star Wars.


Yahoo users have received me...</div><br>&nbsp;<br><div class="itemtitle"><a class="itemtitle" href="[URL unfurl="true"]http://www.securityfocus.com/elsewhere?ref=rss"[/URL] target="_blank">Elsewhere: How to crack passwords, and why you should</a></div><div class="itemdescription">Your network&#39;s weak point is often the users and their passwords, and the only way to check the security of your passwords is to try to crack them

Auditing passwords is ...</div><br>&nbsp;<br><div class="itemtitle"><a class="itemtitle" href="[URL unfurl="true"]http://www.securityfocus.com/rss/index.shtml"[/URL] target="_blank">More rss feeds from SecurityFocus</a></div><div class="itemdescription">News, Infocus, Columns, Vulnerabilities, Bugtraq ...</div><br>'

As you can see there is two places where there is a lot of spaces. This is in the XML this way. When I manually removed it, it worked.
So I guess the new question is: Is it too long with the spaces or is it just having the spaces causing the problems? If it is the spaces how can I remove them since it is in between some XML tags?

Thanks,

Zych