问题描述
我使用$ _GET方法(team1,team2)将两条信息传递给一个php页面。
我想在一些javascript中使用这些变量。我怎样才能做到这一点?
谢谢 原始答案
在您的.php文件中。
< script type =text / javascript>
var team1,team2;
team1 =<?php echo $ _GET ['team1']; ?取代;
team1 =<?php echo $ _GET ['team1']; ?取代;
< / script>
更安全的答案:
当我抨击这个答案时,甚至没有想过XSS。 (查看注释!)$ _GET数组中的任何内容都应该被转义,否则用户几乎可以将他们想要的任何JS插入到页面中。所以试试这样:
< script type =text / javascript>
var team1,team2;
team1 =<?php echo htmlencode(json_encode($ _ GET ['team1'])); ?取代;
team1 =<?php echo htmlencode(json_encode($ _ GET ['team1'])); ?取代;
< / script>
从这里。
更多关于Google的XSS 。
干杯评论者。
I am passing two pieces of info to a php page using the $_GET method (team1, team2).I'd like to use these as variables in some javascript. How can I do this?
Thanks
Original answer:
In your .php file.
<script type="text/javascript">
var team1, team2;
team1 = <?php echo $_GET['team1']; ?>;
team1 = <?php echo $_GET['team1']; ?>;
</script>
Safer answer:
Didn't even think about XSS when I blasted this answer out. (Look at the comments!) Anything from the $_GET array should be escaped, otherwise a user can pretty much insert whatever JS they want into your page. So try something like this:
<script type="text/javascript">
var team1, team2;
team1 = <?php echo htmlencode(json_encode($_GET['team1'])); ?>;
team1 = <?php echo htmlencode(json_encode($_GET['team1'])); ?>;
</script>
More about XSS from Google http://code.google.com/p/doctype/wiki/ArticleXSSInJavaScript.
Cheers to the commenters.
这篇关于将php $ _GET变量存储在一个JavaScript变量中?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!