Skip to main content
Software Engineering

You are not logged in. Your edit will be placed in a queue until it is peer reviewed.

We welcome edits that make the post easier to understand and more valuable for readers. Because community members review edits, please try to make the post substantially better than how you found it, for example, by fixing grammar or adding additional resources and hyperlinks.

4
  • 1
    Really... Getting a downvote for this. I am certain I answered the OP's question correctly. Why the hate? Commented Feb 9, 2021 at 12:26
  • 1
    I guess some other people are certain you didn't answer the question correctly. I doubt they hate you though. Commented Feb 9, 2021 at 20:04
  • 4
    Welcome to Stack Overflow! Your answer is helpful in pointing out that the proposed public API would leak data on other members (something others did not always notice). I've given you an upvote for this, as it's important. Downvotes may be a signal your answer could more clearly & directly answer the OP's question "It is good to escape PHP code in inline JS, or should they get the ID via AJAX and store it into a JS variable"? I absolutely encourage your wider thinking and consideration of PHP/ JS integration and API issues, as this has real value. Cheers! Commented Feb 9, 2021 at 23:44
  • 1
    Why do you assume that check_if_paid_qr.php is accessed in the same session as the QR code is produced (the code that therealtsuki showed)? As I understand it, the QR code is produced in one session, but read in another (where there might not even be a session cookie). Commented Feb 12, 2021 at 22:31