<?php /** Frame Message class main 与 iframe 相互通讯类 * Date: 2013-12-29 * Author: fdipzone * Ver: 1.0 * * Func: * public execute 根据参数调用方法 * private returnJs 创建返回的javascript * private jsFormat 转义参数 */ class FrameMessage{ // class start /* execute 根据参数调用方法 * @param String $frame 要调用的方法的框架名称,为空则为parent * @param String $func 要调用的方法名 * @param JSONstr $args 要调用的方法的参数 * @return String */ public static function execute($frame, $func, $args=''){ if(!is_string($frame) || !is_string($func) || !is_string($args)){ return ''; } // frame 与 func 限制只能是字母数字下划线 if(($frame!='' && !preg_match('/^[A-Za-z0-9_]+$/',$frame)) || !preg_match('/^[A-Za-z0-9_]+$/',$func)){ return ''; } $params_str = ''; if($args){ $params = json_decode($args, true); if(is_array($params)){ for($i=0,$len=count($params); $i<$len; $i++){ // 过滤参数,防止注入 $params[$i] = self::jsFormat($params[$i]); } $params_str = "'".implode("','", $params)."'"; } } if($frame==''){ // parent return self::returnJs("parent.parent.".$func."(".$params_str.");"); }else{ return self::returnJs("parent.window.".$frame.".".$func."(".$params_str.");"); } } /** 创建返回的javascript * @param String $str * @return String */ private static function returnJs($str){ $ret = '<script type="text/javascript">'."\r\n"; $ret .= $str."\r\n"; $ret .= '</script>'; return $ret; } /** 转义参数 * @param String $str * @return String */ private static function jsFormat($str){ $str = strip_tags(trim($str)); // 过滤html $str = str_replace('\\s\\s', '\\s', $str); $str = str_replace(chr(10), '', $str); $str = str_replace(chr(13), '', $str); $str = str_replace(' ', '', $str); $str = str_replace('\\', '\\\\', $str); $str = str_replace('"', '\\"', $str); $str = str_replace('\\\'', '\\\\\'', $str); $str = str_replace("'", "\'", $str); return $str; } } // class end ?>
A.html
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <title> main window </title> <script type="text/javascript" src="https://www.jb51.net/json2.js"></script> <script type="text/javascript" src="https://www.jb51.net/FrameMessage.js"></script> <script type="text/javascript"> // main js function function fMain(profession, skill, company){ var skill_p = JSON.parse(skill); var company_p = JSON.parse(company); var msg = "main function execute success\n\n"; msg += "profession:" + profession + "\n"; msg += "first skill:" + skill_p.first + "\n"; msg += "second skill:" + skill_p.second + "\n"; msg += "company1:" + company_p[0] + "\n"; msg += "company2:" + company_p[1] + "\n"; alert(msg); } // exec iframe function function exec_iframe(){ // same domain //FrameMessage.exec('', 'myframe', 'fIframe', ['fdipzone', '{"gender":"male","age":"29"}', '["http://blog.csdn.net/fdipzone", "http://weibo.com/fdipzone"]']); // cross domain FrameMessage.exec('http://127.0.0.1/execB.php', 'myframe', 'fIframe', ['fdipzone', '{"gender":"male","age":"29"}', '["http://blog.csdn.net/fdipzone", "http://weibo.com/fdipzone"]']); } </script> </head> <body> <p>A.html main</p> <p><input type="button" value="exec iframe function"></p> <!-- same domain --> <!--<iframe src="https://www.jb51.net/article/B.html"></iframe>--> <!-- cross domain --> <iframe src="https://127.0.0.1/B.html"></iframe> </body> </html> B.html <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <title> iframe window </title> <script type="text/javascript" src="https://www.jb51.net/json2.js"></script> <script type="text/javascript" src="https://www.jb51.net/FrameMessage.js"></script> <script type="text/javascript"> // iframe js function function fIframe(name, obj, arr){ var obj_p = JSON.parse(obj); var arr_p = JSON.parse(arr); var msg = "iframe function execute success\n\n"; msg += "name:" + name + "\n"; msg += "gender:" + obj_p.gender + "\n"; msg += "age:" + obj_p.age + "\n"; msg += "blog:" + arr_p[0] + "\n"; msg += "weibo:" + arr_p[1] + "\n"; alert(msg); } // exec main function function exec_main(){ // same domain //FrameMessage.exec('', '', 'fMain', ['programmer', '{"first":"PHP","second":"javascript"}', '["EEG","NMG"]']); // cross domain FrameMessage.exec('http://localhost/execA.php', '', 'fMain', ['programmer', '{"first":"PHP","second":"javascript"}', '["EEG","NMG"]']); } </script> </head> <body> <p>B.html iframe</p> <p><input type="button" value="exec main function"></p> </body> </html>
execA.php 与 execB.php