Javascript $.ajax not working properly - returns index.html


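I'm trying to write a function that will let me stop writing redundant ajax requests on every form and element I want to use it on. It's a pretty simple concept, but I can't seem to figure out what's wrong with it. I only get one error, but it has to do with a bad token because the json is invalid, and if I remove the json function it does nothing. If I populate a container with the returned data, I just get a copy of the index page. This is being run from the index page, if that makes a difference.

I'm just curious whether anyone sees any errors I'm missing here.

Thanks

Here is the code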

$(document).ready(function(){
/* ajax request standard functions 
    Optional attributes:
        loadtype[html]: prepend, append, html(*complete page load*)
        ajaxcon[error]: container to be affected by ajax
        method[GET]: post/get
        loader[progress1]: alternate load image other than the standard 

*/
$(document).on('click', '.ajaxMe', function(e){
    e.preventDefault();

    var el = $(this); //a, li, form
    var tag = el.prop('tagName'); //a, li, form
        if(tag == 'FORM'){aType = 1;}else{aType = 2;} //sets default to a/li
    var method = el.attr('method');
        if(!method) method = 'GET'; //default method
    var ajaxcon = el.attr('ajaxcon');
        //if there's no ajax container to receive the data, return an error 
        if(!ajaxcon && aType != 1){
            //later on, this should call a function that pops up the error box instead of an alert
            alert("There seems to be a code error. Please contact support or try again later");
            return false;
        }
    var loadtype = el.attr('loadtype');
        if(!loadtype) loadtype = 'html'; //default loadtype set to html
    var altloader = el.attr('altloader');
        if(!altloader) altloader = 'http://localhost/mgo/img/gifs/loader.gif'; //default wait image

    //set the variables that are determined by the parent element type
    if(aType == 1){
        var href = el.attr('action');
        var sdata = el.serialize(); //We can serialize the data of all forms without checking because checking is going to be done on the php side from now on
    }else if(aType == 2){
        var href = el.attr('href');
        var sdata = el.attr('rel');
    }

    /*JSON return layout:
        return{
            status: 0/1 -- included in case there is additional checking on the jquery side before/instead php redirect
            message: message to display if bad
            badInputs: inputs to highlight
        }
    */

    alert(sdata);
    $.ajax({
        type: method,
        URL: href,
        data: sdata,
        success: function(ret){ //return is always going to be JSON
            if(aType == 1){
                //if data gets returned, it's an error. if no error, the php takes over and forces the next page
                var r = $.parseJSON(ret);
                el.find('.TopMsg')[loadtype](r.message);
            }else if(aType == 2){
                ajaxcon[loadtype](ret);
            }
        }
    });
});
});
Edit: For good measure, I've added the HTML and PHP

HTML

<form class = 'Frm-cb ajaxMe' id = 'frmsignup' action = 'http://localhost/mgo/modules/signup/php/signup1.php'>
<h1 style = 'background-color: green;'>Sign up now for all the benefits of MGo!</h1>

    <div class = 'TopMsg'></div>

    <label>email</label>
    <input type = 'text' name = 'email' id = 'email'>

    <label>confirm email</label>
    <input type = 'text' name = 'email2' id = 'email2'>

    <label>password</label>
    <input type = 'password' name = 'password' id = 'password'>

    <label>confirm password</label>
    <input type = 'password' name = 'password2' id = 'password2'>

    <label>zip code</label>
    <input type = 'text' name = 'zip' id = 'zip' maxlength = '5'>

    <button type = 'submit'>finish</button>
</form>

PHP

<?

/*
    This script is going to do the data validation for the jQuery so users can't hard code the scripts to change validation rules.
    The output is JSON. 
        JSON output map:
        [return]
            [status]
            [badInputs]
                [inputname]
            [msg]
            [addClass]
            [changeClass]
*/

include_once "C:/xampp/htdocs/mgo/scripts/php/connect/gen_user_db_connect.php";
include_once "C:/xampp/htdocs/mgo/scripts/php/validate/dataValidation.php";

$bi = array();
$msg  = "";
$stat = 1;

$e1 = $_GET['email'];
$e2 = $_GET['email2'];
$p1 = $_GET['password'];
$p2 = $_GET['password2'];
$zip = $_GET['zip'];

$inputs = array("0", "username", "text");

$eChk = validate($e1)['email'];
$pChk = validate($p1)['len'];
$zChk = validate($zip);

if($eChk == 0){
    $msg .= "Please enter a valid email address\n";
    array_push($bi, "#email");
    $stat = 0;
}

if($e1 != $e2){
    $msg .= "Emails don't match\n";
    array_push($bi, "#email2");
    $stat = 0;
}

if($pChk < 6){
    $msg .= "Password must be a minimum of 6 characters\n";
    array_push($bi, "#password");
    $stat = 0;
}

if($p1 != $p2){
    $msg .= "Passwords don't match\n";
    array_push($bi, "#password2");
    $stat = 0;
}

if($zChk['num'] == 0){
    $msg .= "Must enter a valid zip code\n";
    $stat = 0;
}

$return = json_encode(array("msg" => "<pre>$msg</pre>",
                           "status" => $stat,
                           "badInputs" => $inputs));

echo $return;
?>

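The name of the url parameter should not be capitalized -- "url", not "URL"

  • It seems a bit odd to do frontend script validation on the server side (checking for tampering), because if someone can tamper with the script, he can just as easily tamper with the data the script sends, so there is no security here

  • Try adding
    dataType: 'json'
    to the ajax call

  • Add
    die()
    to the end of the PHP script to terminate execution

  • So your code should be

    PHP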

    ....
    
    $return = json_encode(array("msg" => "<pre>$msg</pre>",
                               "status" => $stat,
                               "badInputs" => $inputs));
    
    echo $return;
    die();
    ?>
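jQuery ignores an option key it does not recognize, and its url option defaults to the current page, so the capitalized URL key in the question sends the request back to the index page and the HTML that returns fails JSON parsing. The check below is an added example, not code from the question or the answers; the function names and the page address http://localhost/mgo/index.html are assumptions.

```javascript
// Option names taken from the jQuery.ajax documentation (subset).
const KNOWN_OPTIONS = ['url', 'type', 'method', 'data', 'dataType', 'success',
                       'error', 'contentType', 'headers', 'timeout', 'cache', 'async'];

// Report keys that match a known option only when case is ignored (URL vs url).
// jQuery does not warn about these; it simply never reads them.
function findMiscasedOptions(opts) {
  const problems = [];
  for (const key of Object.keys(opts)) {
    if (KNOWN_OPTIONS.includes(key)) continue;
    const match = KNOWN_OPTIONS.find(k => k.toLowerCase() === key.toLowerCase());
    if (match) problems.push({ given: key, expected: match });
  }
  return problems;
}

// Where the request really goes: opts.url if present, otherwise the current page.
function effectiveUrl(opts, pageUrl) {
  return new URL(opts.url || '', pageUrl).href;
}

// Parse a body that is supposed to be JSON. An HTML body is reported as such
// instead of surfacing as the bare "unexpected token" error from the question.
function parseJsonResponse(body) {
  const text = String(body).trim();
  if (text.startsWith('<')) {
    return { ok: false, reason: 'got HTML, not JSON: check the request URL' };
  }
  try {
    return { ok: true, value: JSON.parse(text) };
  } catch (err) {
    return { ok: false, reason: 'invalid JSON: ' + err.message };
  }
}

// Constructed sample: the options object as written in the question.
const PAGE_URL = 'http://localhost/mgo/index.html'; // assumed address of the index page
const QUESTION_OPTS = {
  type: 'GET',
  URL: 'http://localhost/mgo/modules/signup/php/signup1.php',
  data: 'email=a%40example.com',
};

console.log(findMiscasedOptions(QUESTION_OPTS));
console.log(effectiveUrl(QUESTION_OPTS, PAGE_URL));
console.log(parseJsonResponse('<!DOCTYPE html><html><body>index</body></html>'));
```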
    
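Add exit; at the end of the ajax call file. That way it will break off execution of your index file.

Put your html code here so I can find the problem.

I feel like an idiot, but that was a great catch. That fixed it. Thanks a lot. You're a lifesaver! I can't believe it was something that simple.

From the title I knew you had forgotten (or misspelled) the url parameter. Maybe it will make you feel better if you try to guess how I knew what you had done.

I have no idea how the title gave it away... please tell me.

If you don't supply a URL, the value defaults to an empty string. Since URLs are interpreted in the context of the current base, it will try to open the directory the current page was loaded from. In that case most web servers will return index.html. I know all this because I have made the same mistake myself, several times.

Thanks. That's a good point. Just out of curiosity... how would you add security? I have to get the data from a to b, and no matter which side I check it on, the data can be messed with. Is there something I'm missing?

Just treat all data as malicious, blacklist all data and only allow the data you want; I'm talking about strict input validation, that's it. There is no need to check whether the frontend script was tampered with.

That makes a lot of sense. Thanks a lot.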
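Strict server-side input validation as described in the last comments, as an added example that is not part of the original thread. It is written in JavaScript to match the page's client code; the same default-deny checks belong in the server-side handler, and the specific rules (email pattern, 128-character password cap, 5-digit zip) are assumptions.

```javascript
// Field names come from the signup form on this page; each rule is an assumption.
const RULES = {
  email:     v => /^[^\s@]{1,64}@[^\s@]{1,255}$/.test(v),
  email2:    (v, all) => v === all.email,
  password:  v => v.length >= 6 && v.length <= 128,
  password2: (v, all) => v === all.password,
  zip:       v => /^\d{5}$/.test(v),
};

// Validate request parameters exactly as the server received them.
// Returns the status / msg / badInputs shape used by the page's PHP script.
function validateSignup(params) {
  // Default deny: a field the form does not define fails the whole request.
  // The offending name is not echoed back, so it cannot end up in the page.
  const unexpected = Object.keys(params).some(
    k => !Object.prototype.hasOwnProperty.call(RULES, k));

  const badInputs = [];
  for (const [name, check] of Object.entries(RULES)) {
    const value = params[name];
    // Accept plain strings only; missing fields and array or object values fail.
    if (typeof value !== 'string' || !check(value, params)) {
      badInputs.push('#' + name);
    }
  }
  const ok = !unexpected && badInputs.length === 0;
  return {
    status: ok ? 1 : 0,
    msg: ok ? '' : 'Please correct the highlighted fields',
    badInputs,
  };
}

// Constructed sample requests: one well-formed, one altered after leaving the form.
const GOOD = { email: 'a@example.com', email2: 'a@example.com',
               password: 's3cretpw', password2: 's3cretpw', zip: '12345' };
const TAMPERED = { email: 'a@example.com', email2: 'b@example.com',
                   password: '123', password2: '123', zip: '1234a', admin: '1' };

console.log(validateSignup(GOOD));
console.log(validateSignup(TAMPERED));
```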