Jquery在附加项上设置属性

时间:2015-11-09 00:43:01

标签: javascript jquery

当用户点击其他人的名字时,弹出窗口会显示一个表单,向该用户发送消息。我希望能够更改属性' action'反映' http://localhost:8000/newMsg/' + user_id;到目前为止我所做的改变了形式的动作,但也改变了其他形式。我知道我可以在某些情况下使用$(this)或者child()或者最接近()。但我需要将user_id值从.chat_list传递到特定表单。这就是我所拥有的:

HTML

            <!-- Sidebar -->
        <div id="sidebar-wrapper">
                            <div class = "contacts_slideout">
                                <div class = "contact_content">
                                    <div id = "chat-box">
                                        <div class = "menteeList">

                                            <div id = "mntList">
                                                 <ul class = "sidebar-nav">
                                                    <li><h1>My Mentee</h1></li>
                                                    @foreach($menteeList as $mentee)
                                                        <li class = "chat_list" value = "{{$mentee->id}}"><div class = "pic_id"></div><a>{{$mentee->name}}</a></li>
                                                    @endforeach
                                                </ul>
                                            </div>
                                        </div>
                                    </div>
                                </div>

                            </div>
        </div>
        <!-- /#sidebar-wrapper -->
        <div class = "dock">
            <div class = "docking_tabs">

            </div>
        </div>

的Javascript

$('.chat_list').click(function(){
    if($(this).hasClass('activated')){
        return false;
    } else {
        var user_id = $(this).attr('value');
        $(this).addClass('activated');
        var el = $(
            '<div class = "message_block">'+
                '<div class = "message_tab">'+ '</div>' +

                '<div class = "message_flyout">' +
                    '<div class = "message_content">' +
                        '<div class = "message_header">'+ '</div>' +
                            '<div class = "conversation_scroll">' +
                                '<div class = "scroll_content">' + '</div>' + '</div>' +
                                    '<div class = "message_form">' +
                                        "<form class = 'myForm' method= 'POST' accept-charset= 'UTF-8'>" + "<input name='_token' type='hidden' value='2rS54FJZJZhWPplLmBJSH4CsID7Pgec7iPsDtrnm'>" +
                                        '<div class = "message_form">' +
                                            "<input class='input-mini' placeholder='Type a message...' name='status' type='text'>" +
                                        '</div>'+
                                        "</form>" +
                                    '</div>'+
                                '</div>'+
                            '</div>'+
                    '</div>');

        $('.docking_tabs').append(el);
        $(".myForm").attr('action', 'http://localhost:8000/newMsg/' + user_id);
    }

});

我该如何正确地做到这一点?只是一个附带问题,这种方法是否容易受到操纵或黑客攻击?

1 个答案:

答案 0 :(得分:1)

更改

<form

为:

<form action='"+user_id+"'

并删除更改表单属性操作的最后一行