我用AJAX、PHP和JavaScript实现了一个计算器。计算是在 PHP 代码中完成的。当我向服务器发送响应请求时,我正在获取 PHP 文件的完整源代码。我该如何防止这种情况?
这是我的JavaScript代码:
var xmlHTTP;
var operation;
function process() {
var number1 = document.getElementById("n1").value;
var num1 = parseInt(number1);
var number2 = document.getElementById("n2").value;
var num2 = parseInt(number2);
var answer;
if (document.getElementById('+').checked) {
operation='add';
} else if (document.getElementById('-').checked) {
operation='subs';
}
else if (document.getElementById('*').checked) {
operation='mul';
}
else if (document.getElementById('/').checked) {
operation='div';
}
}
function loadDoc() {
process();
xmlHTTP=new XMLHttpRequest();
xmlHTTP.onreadystatechange = function () {
alert(xmlHTTP.readyState);
alert(xmlHTTP.status);
if (xmlHTTP.readyState == XMLHttpRequest.DONE) {
document.getElementById("cal").i=xmlHTTP.responseText;
}
}
xmlHTTP.open("POST","process.php?value1=num1&value2=num2&value3=operation", true);
xmlHTTP.send();
}
<?php
$number1 = $_POST['value1'];
$number2=$_POST['value2'];
$answer=0;
$op=$_POST['operation'];
//echo $answer;
if($op="add"){
$answer=$number1+$number2;
}
elseif($op="subs"){
$answer=$number1-$number2;
}
elseif($op="mul"){
$answer=$number1*$number2;
}
elseif($op="div"){
$answer=$number1/$number2;
}
else{
echo "Choose an operation";
}
echo $answer;
为了避免将整个代码发送回 ajax 函数,在执行校准的 php 脚本中尝试如下操作:
if( $_SERVER['REQUEST_METHOD']=='POST' ){
ob_clean(); /* discard any output there might have been to this point */
/* do the calculations */
/* send response */
echo $answer;
exit();
}
后期更新现在看到您发布的附加代码后,我可以看到 php 的一些小错误 - 您正在使用单个=
来测试值是否等于某值,这是不正确的,因为它用于设置值。您需要使用双==
来测试相等性,或者===
进行严格的相等性测试。因此,结合我之前的建议,可能类似于以下内容:
<?php
if( $_SERVER['REQUEST_METHOD']=='POST' ){
ob_clean();
$number1 = $_POST['value1'];
$number2 = $_POST['value2'];
$answer=0;
$op=$_POST['operation'];
if($op=="add"){
$answer=$number1+$number2;
} elseif($op=="subs"){
$answer=$number1-$number2;
} elseif($op=="mul"){
$answer=$number1*$number2;
} elseif($op=="div"){
$answer=$number1/$number2;
} else{
echo "Choose an operation";
}
if( $answer ) echo $answer;
exit();
}
?>
我仔细查看了您发布的javascript代码,发现了一些肯定无济于事的问题 - 希望以下内容可能会有所帮助。
/* The values calculated inside this function would not necessarily have been available to
the ajax function so this function returns them as an object. */
function process() {
var operation;
var number1 = document.getElementById("n1").value;
var num1 = parseInt(number1);
var number2 = document.getElementById("n2").value;
var num2 = parseInt(number2);
var answer;
/* Are these valid IDs for DOM elements??? */
if( document.getElementById('+').checked ) operation='add';
else if( document.getElementById('-').checked ) operation='subs';
else if( document.getElementById('*').checked ) operation='mul';
else if( document.getElementById('/').checked ) operation='div';
return {
n1:num1,
n2:num2,
op:operation
}
}
/* You never actually sent the values from the `process` function as they
were not properly escaped/unquoted. */
function loadDoc() {
var obj=process();
var xmlHTTP=new XMLHttpRequest();
xmlHTTP.onreadystatechange = function () {
if (xmlHTTP.readyState == 4 && xmlHTTP.status == 200 ) {
document.getElementById("cal").innerHTML=xmlHTTP.responseText;
}
}
xmlHTTP.open( "POST", "process.php?value1="+obj.n1+"&value2="+obj.n2+"&value3="+obj.op, true );
xmlHTTP.setRequestHeader('Content-Type','application/x-www-form-urlencoded');
xmlHTTP.send();
}
echo $answer;
后使用 exit();
或 die();
.发送到页面的 AJAX 请求将返回整个页面源代码作为响应,如果未使用 exit();
停止脚本,并且它们不应该是echo $answer;
之前的任何其他回显,因为它也将与您的响应一起添加。您可以使用开关大小写,而不是使用多个 if 和 elseif 语句。
例如:
...
Switch($op) {
case 'add':
$answer=$number1+$number2;
break;
...
...
}
echo $answer;
die();