Store session variable name in HTML 5 Web Storage?

I’ve one PHP application running on a server and there is some user authentication over there. So, I can get the user name using PHP session variable.

But I want to use HTML 5 Web Storage in PHP for the following reason:

There’s going to be a link in the web page of the PHP application which when clicked by the user, will take them to a new tab of the browser. This new tab will contain another web application which is not PHP based.

So, from the PHP web application, I want to store the user information into HTML 5 web storage (basically session storage) so that I could retrieve it in the another tab using HTML 5 web storage. Since, both the tabs are in the same browser session, I should be able to get the stored information from PHP in a new tab using HTML 5 session storage.

Is it possible to achieve above scenario in PHP?

That is actually not or not only PHP question.

But any way, HTML 5 session storages separated by domains. So you can’t see your data, if your PHP and non-PHP sites are in different domains.

As the documentation on golang puts it nicely:

Do not communicate by sharing memory; instead, share memory by communicating.

Many have gone before, using a shared database between multiple applications. It (almost?) never ends well.

Thanks for your input.

I am wondering what does different domains has to do with it. I mean if I can storage some info to HTML 5 session storage using PHP, I should be able to retrieve same information using my non-PHP website as long as it’s on the new tab and same browser?


If I could make use of Javascript part of PHP website somehow, then I maybe able to store the information to HTML5 session storage from PHP website?

Thanks for your input.

I didn’t quite understand it properly. What would be an example of share memory by communicating?

Didn’t understand this part properly.

You’ve not told, whether or not both of your sites owned by same domain.

If yes, PHP has no directly access to HTML web storage. So you should to send your data to client with response and save in web storage with JS.

They are on different servers.

Here I’m little confused when you say to send data with response. Could you please elaborate. Thanks

They are on different servers.

Quote from your link: Web storage is per origin (per domain and protocol). All pages, from one origin, can store and access the same data.

As I said, you can’t save data in web storage for different domains.

1 Like

Thanks. How should I deal with this problem then in my case?

  1. Save your PHP session/authentication data in DB.

  2. Send from PHP to non-PHP site session id (in GET).

  3. Non PHP server script checks in DB whether user with this id has actual session.

I think right about here is where this plan falls apart.

If you’re referring to a server-side script then… it’s a PHP server.
If you’re referring to a client-side script then… you’re putting DB access information in a client side script.

I don’t understand the problem.

We have…

…PHP site. in PHP _SESSION there is all authentication data.
…Java site (I asume).


PHP saves _SESSION with session_id in DB.
PHP client, by referring on Java, gets cookie session id and adds it to URL.
Java checks in DB whether this session id exists and not expired.

And how is Java going to check in the DB without putting the DB login and password into Java? And thus into every browser of the website’s hands?

E-e… As PHP as Java applications should have connect to some shared DB. I thought, this is clear.

So you’re going to put your database username and password into your client applications? Please, do share with me your websites so i can hack them all instantly by using your DB credentials you are giving to me.

It was, indeed, ‘clear’. But it’s clearly a bad idea.

Are both Servers not owned by topic-starter?

But Javascript doesnt execute on the Server. It executes on the Client. My browser. My computer. My access.


Okay. Here’s what I want you to do.

Write some javascript code, that allows you to access a database. BUT. You can’t store the database username or password anywhere in variables. Because I can pause javascript, and tell it to give me the variables.

I really don’t understand you. I told about Java, not JS.