已在脚本中使用 window.parent
所以我有这个:
/* ---------------------------- */
/* XMLHTTPRequest Enable */
/* ---------------------------- */
function createObject() {
var request_type;
var browser = navigator.appName;
if(browser == "Microsoft Internet Explorer"){
request_type = new ActiveXObject("Microsoft.XMLHTTP");
}else{
request_type = new XMLHttpRequest();
}
return request_type;
}
var http = createObject();
/* -------------------------- */
/* INSERT */
/* -------------------------- */
var nocache = 0;
function insert() {
document.getElementById('insert_response').innerHTML = "Please Wait. "
var fID= encodeURI(document.getElementById('fID').value);
var kommentar= encodeURI(document.getElementById('kommentar').value);
nocache = Math.random();
// Pass variables like URL variable
http.open('get', 'insert.php?fID='+fID+'&kommentar=' +kommentar+'&nocache = '+nocache);
http.onreadystatechange = insertReply;
http.send(null);
}
function insertReply() {
if(http.readyState == 4){
var response = http.responseText;
document.getElementById('insert_response').innerHTML = ''+response;
}
}
我在index.php中有这个。您可以在那里写评论,然后按提交。当您按下提交时,它会运行此脚本:: 将变量传递给 insert.php,并在 insert_response 中显示响应。在 insert.php 中,它将注释插入数据库。
<?php
mysql_query("INSERT INTO comments (fID, navn, kommentar, dato) VALUES ('$fID', '$pusername' ,'$kommentar', '$dato')") or
die(mysql_error());
echo "Comment successfully";
?>
<script type="text/javascript">
if (window.parent) {
window.parent.someFunction('hello world');
}
</script>
这是我的 insert.php^,正如你所看到的,我想向 window.parent 发送消息“hello world”。
但由于某种原因它无法工作,就像它不想将此脚本嵌入到 insert_response div 中一样。
现在window.parent,我想的是我的index.php,我有这个:
<script type="text/javascript">
function someFunction(msg) {
alert(msg);
}
</script>
谢谢!
Insert.php,分派到客户端:
<?php
ob_start();
header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past
header('Content-type: text/html; charset=utf-8');
include('../tilslut.php');
define('IN_PHPBB', true);
$phpbb_root_path = '../../../';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);
// Start session management
$user->session_begin();
$auth->acl($user->data);
$user->setup();
$pusername = $user->data['username'];
if($user->data['is_registered']){
?>
<!-- Verify if user exists for login -->
<html>
<head>
<link href="../style.css" type="text/css" rel="stylesheet" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
<script type="text/javascript" src="../ajax_framework.js" language="javascript" charset="UTF-8"></script>
</head>
<body>
<?php
if(isset($_GET['fID']) && isset($_GET['kommentar'])){
$fID= $_GET['fID'];
$kommentar= $_GET['kommentar'];
$resultat = mysql_query("SELECT * FROM member_filmcomments WHERE navn = '".mysql_real_escape_string($pusername)."' AND fID = '$fID'") or
die(mysql_error());
$row = mysql_fetch_array($resultat);
$resultat2 = mysql_query("SELECT * FROM member_filmcomments WHERE navn = '".mysql_real_escape_string($pusername)."' AND kommentar = '".$kommentar."' AND fID = '".$fID."'") or die(mysql_error());
$row2 = mysql_fetch_array($resultat2);
$k10check = mysql_query("SELECT * FROM member_filmcomments WHERE navn = '".mysql_real_escape_string($pusername)."'") or die(mysql_error());
$oldtimecheck = mysql_query("SELECT dato FROM member_filmcomments WHERE navn = '".mysql_real_escape_string($pusername)."' AND fID = '".$fID."'") or die(mysql_error());
$oldtimec = mysql_fetch_array($oldtimecheck);
$realDate = $oldtimec["dato"];
if(empty($kommentar)){
echo "Tomt! Du skal indtaste en kommentar i feltet.";
}elseif (mysql_num_rows($resultat2) == 1) {
echo "Dobbelpost. Du har allerede skrevet samme kommentar én gang.";
}elseif( (strtotime($realDate) + 120) > time() ) {
echo "Vent venligst 2 minutter, før du skriver en ny kommentar i samme klip!";
}else{
$dato = date("Y-m-d H:i:s");
$pointsystem = mysql_query("SELECT gpk, gpk10 FROM member_pointsystem");
$row = mysql_fetch_array($pointsystem);
$k10 = mysql_real_escape_string($row["gpk10"]);
$earning = mysql_real_escape_string($row["gpk"]);
if (mysql_num_rows($k10check) == 10) {
mysql_query("UPDATE member_profile SET points = points+$k10") or die(mysql_error());
echo "<b>Du har fået +".$k10." Points, for at have kommenteret 10 gange i video-sektionen!</b><br>";
}
mysql_query("UPDATE member_profile SET points = points+$earning") or die(mysql_error());
mysql_query("INSERT INTO member_filmcomments (fID, navn, kommentar, dato) VALUES ('$fID', '$pusername' ,'$kommentar', '$dato')") or
die(mysql_error());
?>
if (window.parent) {
window.parent.someFunction('hello world');
}
<?
}
}
?>
<!-- Footer End of user logged in -->
<?
}else{
echo "Authorited Users Only!";
}
ob_flush();
?>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
为什么不简单地评估下载的代码,而不是嵌入
服务器端
客户端
Instead of embed a
<script
tag, why don't simply eval the code downloaded? Of course, you must trust in the server, and the response must always be javascript.SERVER SIDE
CLIENT SIDE