0
考慮我們有一個login.php
文件,如下所示:使用echo顯示數據爲javascript危險嗎?
<?php
$username = $_POST['username'];
$password = $_POST['password'];
// check fields and if they were correct and they are secure against injection attacks anf if there was the username and password
echo '<script> javascript code </script>';
?>
可以使用XSS
攻擊黑客攻擊的簡單php
代碼?
Google這些關鍵字。 –
您無法在php –
中回顯腳本如果您想在_php_和_JavaScript_之間傳遞數據,請使用_JSON_,即使它是生成的源代碼。 –