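(function ($) {
  // Global flag read by the load handler below: on IE6 the response is taken
  // from window.name instead of the iframe document.
  window.isIE6 = $.browser.msie && jQuery.browser.version == 6.0;

  /**
   * Escape a value for use inside an HTML attribute or as textarea content.
   * ES3-compatible on purpose: this plugin still targets IE6.
   */
  function escapeHtml(value) {
    return ('' + value)
      .replace(/&/g, '&amp;')
      .replace(/</g, '&lt;')
      .replace(/>/g, '&gt;')
      .replace(/"/g, '&quot;')
      .replace(/'/g, '&#39;');
  }

  jQuery.extend({
    // Counter used to give every hidden form/iframe pair a unique id.
    ajaxFormNums: 0,

    /**
     * Cross-subdomain POST through a hidden form that targets a hidden iframe.
     *
     * @param {string} sURL - Address the form is submitted to.
     * @param {Object} datas - Data object to submit; each key/value pair becomes one field.
     * @param {Function|string} callBack - Called with the response text. A string is
     *   evaluated as the name of a function (legacy behaviour, see the NOTE below).
     * @param {string} [domains='51.com'] - Domain passed to the blank proxy page.
     *
     * The callback receives the raw body of the response frame (innerHTML). Treat it
     * as untrusted text: parse it, and do not insert it into the page as markup.
     */
    ajaxFormPost: function (sURL, datas, callBack, domains) {
      domains = domains || '51.com';
      var on = 'TEMP_POST_' + $.ajaxFormNums;
      var of = [];

      // The iframe and form are created from markup (not createElement) because the
      // form's target must match the iframe name at parse time in old IE.
      of.push(
        '<div id="' + on + '_DIV" style="position:absolute;z-index:10;top:-20000100px;">' +
        '<iframe id="' + on + '_IFRAME" name="' + on + '_IFRAME" height="1" width="1" ' +
        'src="http://friend.51.com/ajax_blank.php?d=' + encodeURIComponent(domains) + '" ' +
        'frameborder="0" border="0" scrolling="no"></iframe>' +
        // sURL is escaped so a quote in the URL cannot break out of the attribute.
        '<form id="' + on + '_FORM" name="' + on + '_FORM" method="post" action="' +
        escapeHtml(sURL) + '" target="' + on + '_IFRAME">'
      );

      // Field names and values are escaped: an unescaped value containing
      // "</textarea>" or an entity such as "&amp;" would otherwise be parsed as
      // markup, corrupting the posted data or injecting elements into the page.
      $.each(datas, function (i, n) {
        of.push(
          '<textarea name="' + escapeHtml(i) + '" style="width:1px;height:1px;">' +
          escapeHtml(n) + '</textarea>'
        );
      });

      of.push('<input type="submit" value="Submit" name="b1" style="width:1px;height:1px;" /></form></div>');
      $(document.body).append(of.join(''));
      of = null;

      $('#' + on + '_IFRAME').bind('load', function () {
        // First load is the blank proxy page: mark the frame and submit the form.
        // The second load is the server response, handled below.
        if (!$(this).attr('summary')) {
          $(this).attr('summary', 1);
          $('#' + on + '_FORM').submit();
          return false;
        }

        if (isIE6) {
          // IE6 path: the result is read from window.name (presumably written by
          // the response page through parent.name; confirm against the server side).
          if ($.isFunction(callBack)) {
            callBack(window.name);
          } else {
            // NOTE(security): eval of a caller-supplied string. Kept for backward
            // compatibility; callers should pass a function, and must never build
            // this string from request data, URLs or other untrusted input.
            eval(callBack + '(window.name)');
          }
        } else {
          // oIf is referenced by name inside the eval string below; do not rename.
          var oIf = this.id;
          if ($.isFunction(callBack)) {
            if (navigator.userAgent.toLowerCase().indexOf('se 2.x') > -1) {
              callBack(frames[oIf].document.body.innerText);
            } else {
              callBack(frames[oIf].document.body.innerHTML);
            }
          } else {
            // NOTE(security): same eval caveat as above.
            eval(callBack + '(frames[oIf].document.body.innerHTML)');
          }
        }

        // Remove the temporary form/iframe once the handler has returned.
        window.setTimeout(function () {
          $('#' + on + '_DIV').remove();
        }, 1);
      });

      $.ajaxFormNums++;
    }
  });
})(jQuery);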
// Usage: post the `cont` value to the API through the hidden form and show
// the raw response text.
$.ajaxFormPost(
  'http://localhost/api.php?act=say',
  { cont: cont },
  function (responseText) {
    alert(responseText);
  }
);
<!-- Blank page whose only script sets document.domain to "51.com" (presumably the page loaded into the hidden iframe before the form is submitted). Pages that set the same document.domain can script each other, so an XSS on any 51.com subdomain that does so also reaches this frame. -->
<html><head><title>51.com</title><script type="text/javascript">document.domain="51.com";</script></head><body></body></html>
// Relax the same-origin check to the parent domain so that frames served from
// other 51.com subdomains (which must set the same value) can be read.
// This widens the trust boundary to every subdomain that opts in, and the
// document.domain setter is deprecated in current browsers.
document.domain = "51.com";
// Response written into the hidden iframe. Browsers other than IE6 set
// document.domain and the result follows the script as the page body;
// IE6 instead gets the result written to parent.name.
// NOTE(review): $result is a constant here. If it ever carries request-derived
// data it is written into both a JS string and the HTML body, so it would need
// json_encode() for the script context and htmlspecialchars() for the body.
$result = -1;
echo '<script>'
   . 'if(!/msie 6/i.test(navigator.userAgent)){document.domain=\'51.com\';}'
   . 'else{parent.name=\'' . $result . '\';}'
   . '</script>'
   . $result;
// JSONP request: the "callback=?" placeholder makes jQuery load the URL as a
// script. Whatever script the endpoint returns runs with this page's
// privileges, so JSONP should only be used against endpoints you trust.
$.getJSON(
  "http://localhost/api.php?callback=?",
  { receiver: receiver },
  function (reply) {
    alert(reply.info);
  }
);
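$ret['info'] = iconv("GBK", "UTF-8", "不存在该用户");
$result = json_encode($ret);

// $_GET['callback'] must be validated before it is echoed, to prevent XSS:
// it is caller-controlled and ends up at the start of an executable script.
// HTML escaping is not enough for that context, so only a plain JavaScript
// identifier is accepted (the names jQuery generates for "callback=?" match).
$callback = isset($_GET['callback']) ? $_GET['callback'] : '';
if (!is_string($callback) || !preg_match('/^[A-Za-z_$][A-Za-z0-9_$]*$/D', $callback)) {
    header('HTTP/1.1 400 Bad Request');
    exit;
}

// Serve the response as script, not as PHP's default text/html, and stop
// browsers from sniffing it into another type.
header('Content-Type: application/javascript; charset=utf-8');
header('X-Content-Type-Options: nosniff');
echo $callback . '(' . $result . ')';

/**
 * Escape a submitted value: backslash-escape quotes, convert newlines to
 * <br />, then HTML-escape the result (quotes included).
 *
 * This is HTML-context escaping only. It does not make a value safe inside
 * JavaScript (for example as a JSONP callback name) or inside an SQL query.
 *
 * NOTE(review): nl2br() runs before htmlspecialchars(), so the inserted
 * <br /> tags are themselves escaped in the returned string. Order kept as-is
 * because callers may depend on the current output.
 *
 * @param string $post Raw submitted value.
 * @return string Escaped value.
 */
function request_check($post){
    // get_magic_quotes_gpc() is deprecated in PHP 7.4 and removed in PHP 8;
    // when it is unavailable, behave as if magic quotes were off.
    if (!function_exists('get_magic_quotes_gpc') || !get_magic_quotes_gpc())
    {
        $post = addslashes($post); // magic quotes are off: escape quotes here
    }
    //$post = str_replace("_", "\_", $post); // filter out '_'
    //$post = str_replace("%", "\%", $post); // filter out '%'
    $post = nl2br($post); // convert line breaks
    $post = htmlspecialchars($post, ENT_QUOTES); // convert HTML markup
    return $post;
}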
// Ask clients and proxies not to reuse a cached copy of the response.
header("cache-control:no-cache;");
// NOTE(review): "plain" is not a registered content-coding (gzip, deflate, br,
// identity are); presumably this is meant to signal an uncompressed body.
// Confirm that the targeted browsers accept it.
header("Content-Encoding: plain");