当用户点击其他人的名字时,弹出窗口会显示一个表单,向该用户发送消息。我希望能够更改属性' action'反映' http://localhost:8000/newMsg/' + user_id;到目前为止我所做的改变了形式的动作,但也改变了其他形式。我知道我可以在某些情况下使用$(this)或者child()或者最接近()。但我需要将user_id值从.chat_list传递到特定表单。这就是我所拥有的:
HTML
<!-- Sidebar -->
<div id="sidebar-wrapper">
<div class = "contacts_slideout">
<div class = "contact_content">
<div id = "chat-box">
<div class = "menteeList">
<div id = "mntList">
<ul class = "sidebar-nav">
<li><h1>My Mentee</h1></li>
@foreach($menteeList as $mentee)
<li class = "chat_list" value = "{{$mentee->id}}"><div class = "pic_id"></div><a>{{$mentee->name}}</a></li>
@endforeach
</ul>
</div>
</div>
</div>
</div>
</div>
</div>
<!-- /#sidebar-wrapper -->
<div class = "dock">
<div class = "docking_tabs">
</div>
</div>
的Javascript
$('.chat_list').click(function(){
if($(this).hasClass('activated')){
return false;
} else {
var user_id = $(this).attr('value');
$(this).addClass('activated');
var el = $(
'<div class = "message_block">'+
'<div class = "message_tab">'+ '</div>' +
'<div class = "message_flyout">' +
'<div class = "message_content">' +
'<div class = "message_header">'+ '</div>' +
'<div class = "conversation_scroll">' +
'<div class = "scroll_content">' + '</div>' + '</div>' +
'<div class = "message_form">' +
"<form class = 'myForm' method= 'POST' accept-charset= 'UTF-8'>" + "<input name='_token' type='hidden' value='2rS54FJZJZhWPplLmBJSH4CsID7Pgec7iPsDtrnm'>" +
'<div class = "message_form">' +
"<input class='input-mini' placeholder='Type a message...' name='status' type='text'>" +
'</div>'+
"</form>" +
'</div>'+
'</div>'+
'</div>'+
'</div>');
$('.docking_tabs').append(el);
$(".myForm").attr('action', 'http://localhost:8000/newMsg/' + user_id);
}
});
我该如何正确地做到这一点?只是一个附带问题,这种方法是否容易受到操纵或黑客攻击?
答案 0 :(得分:1)
更改
<form
为:
<form action='"+user_id+"'
并删除更改表单属性操作的最后一行