m0nsterr
m0nsterr

Reputation: 131

Javascript variable protection

Is it possible to protect Javascript variables gotton from PHP variables? If so, how?

 this.name = "<?PHP if(isset($_SESSION['steamid']))echo $_SESSION['name']; ?>";

I don't want users to change their names. I've read something about sanitizing, but don't know what it is, and I don't know if this would work with this setup. Thanks.

Upvotes: 0

Views: 57

Answers (1)

Mark
Mark

Reputation: 569

this.name is a property, not a variable strictly speaking. This means you can get a basic level of protection with Object.defineProperty.

For example, the following will set the property to read-only (so that attempts to set it to another value will fail).

Object.defineProperty(this, 'name', {
    value: "<?PHP if(isset($_SESSION['steamid']))echo $_SESSION['name']; ?>",
    writable: false
});

It's important to note that this largely just protects against accidental manipulation. As a client-side language, any determined person will be able to manipulate your code and values and there's nothing you can do to prevent this.

Upvotes: 1

Related Questions