Question

我有一个JQuery自动完成函数，由一个json_encoded PHP数组提供。一切正常，但当我右键点击网站查看页面源时，我可以看到整个数组。这个数组包含敏感信息是什么？是否有更好的方法来组织此代码，使其具有相同级别的功能更加私密？

在PHP / HTML主页面上：

<?php include 'autocomplete.php'; ?>

包括：

    <?php

// connect to db

    //fetch first and last name
    $sql="SELECT first, last FROM names";
    $result = mysqli_query($web_dbi, $sql) or die("Error " . mysqli_error($web_dbi));
    while ($f=mysqli_fetch_array($result)) {
       $names[] = array(
       'label' => $f['first'] . " " . $f['last'];
        );
    }

    echo json_encode($names);

?>

回到主PHP / HTML页面我有一些JQuery：

    ... (JQuery CDNs)
    <script type="text/javascript">
        $(function() {
            $( "#inputfield" ).autocomplete({
            source: "autocomplete.php",
            minLength: 1,
            select: function( event, ui ) {
                log( ui.item ?
                "Selected: " + ui.item.value + " aka " + ui.item.id :
                "Nothing selected, input was " + this.value );
            }
        });
    });
    </script>

主要问题是在HTML页面的源代码中，这是可见的：

$(function() {
        var autocompletevalues = ["name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name","name"];
        $( "#inputfield" ).autocomplete({
            dataType: "json",
            source: availableTags
        });
    });

Answer 1

必须是这样的：

$( "#birds" ).autocomplete({
            source: "search.php",
            minLength: 2,
            select: function( event, ui ) {
                log( ui.item ?
                    "Selected: " + ui.item.value + " aka " + ui.item.id :
                    "Nothing selected, input was " + this.value );
            }
        });

参考：JQuery Autocomplete

search.php必须使用f json值，然后才能将其显示为自动填充的一部分。

请参阅此小提琴：http://jsfiddle.net/handtrix/32Bck/

更新1：

while($product_search->fetch())
        {
            $data[] = array(
                'label' => trim($product_code) 
            );
        }

        echo json_encode($data);

JS代码：

$("#inputfield").autocomplete({ 
        source:'search.php', 
        minLength:4
    });

有没有办法从HTML源隐藏自动完成数组？

1 个答案: