请问,这段投票的代码,会不会很容易被别人攻击?该如何改? function vote(id, subjectID) {
// alert("不在投票时间段,请您先推荐!");
// window.location.href="recommend.aspx?subjectID="+subjectID;
// return;
if(deadlineFlag == 1)
{
alert("不在投票时间段,请您先推荐!");
window.location.href="recommend.aspx?subjectID="+subjectID;
return;
}
if(!confirm("是否真的要投票?")) {
return;
}
var XMLHttp = CreateXMLHttp();
var random = Math.random();
var url = "../../../Ajax/AjaxVote.ashx?DataId=" + id + "&Random=" + random;
XMLHttp.open("POST", url, true);
XMLHttp.onreadystatechange = function OnHandler() {
if (XMLHttp.readyState == 4) {
var result = XMLHttp.responseText;
alert(result.split("_")[0]);
if (result.indexOf("成功") != -1) {
var divId = "voteCountDIV" + id;
var totalVoteNum = result.split("_")[1];
document.getElementById(divId).innerHTML = "" + totalVoteNum + "票";
}
}
}
XMLHttp.send(null);
}
// alert("不在投票时间段,请您先推荐!");
// window.location.href="recommend.aspx?subjectID="+subjectID;
// return;
if(deadlineFlag == 1)
{
alert("不在投票时间段,请您先推荐!");
window.location.href="recommend.aspx?subjectID="+subjectID;
return;
}
if(!confirm("是否真的要投票?")) {
return;
}
var XMLHttp = CreateXMLHttp();
var random = Math.random();
var url = "../../../Ajax/AjaxVote.ashx?DataId=" + id + "&Random=" + random;
XMLHttp.open("POST", url, true);
XMLHttp.onreadystatechange = function OnHandler() {
if (XMLHttp.readyState == 4) {
var result = XMLHttp.responseText;
alert(result.split("_")[0]);
if (result.indexOf("成功") != -1) {
var divId = "voteCountDIV" + id;
var totalVoteNum = result.split("_")[1];
document.getElementById(divId).innerHTML = "" + totalVoteNum + "票";
}
}
}
XMLHttp.send(null);
}
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货