牛骨文教育服务平台(让学习变的简单)

php main 与 iframe 相互通讯类(同域/跨域)

main 与 iframe 相互通讯类

之前写过一篇《iframe与主框架跨域相互访问方法》,介绍了main与iframe相互通讯的原理,不了解原理的可以先看看。

今天把main与iframe相互通讯的方法封装成类,主要有两个文件,

JS:FrameMessage.js 实现调用方法的接口,如跨域则创建临时iframe,调用同域执行者。

PHP:FrameMessage.class.php 实现接收到跨域请求时,根据参数返回执行方法的JS code。

功能如下:

1.支持同域与跨域通讯

2.传递的方法参数支持字符串,JSON,数组等。

FrameMessage.exec("http://127.0.0.1/execB.php", "myframe", "fIframe", ["fdipzone", "{"gender":"male","age":"29"}", "["http://blog.csdn.net/fdipzone", "http://weibo.com/fdipzone"]"]);  

FrameMessage.exec("http://localhost/execA.php", "", "fMain", ["programmer", "{"first":"PHP","second":"javascript"}", "["EEG","NMG"]"]);

因部分浏览器不支持JSON.stringify 与JSON.parse 方法(如IE6/7),为了兼容,需要包含json2.js,下载地址:https://github.com/douglascrockford/JSON-js

FrameMessage.js

/**Main 与 Iframe 相互通讯类 支持同域与跨域通讯
*	Date:   2013-12-29
*Author: fdipzone
*Ver:    1.0
*/
var FrameMessage = (function(){

    this.oFrameMessageExec = null; // 临时iframe

    /* 执行方法
    executor 执行的页面,为空则为同域
    frame    要调用的方法的框架名称,为空则为parent
    func     要调用的方法名
    args     要调用的方法的参数,必须为数组[arg1, arg2, arg3, argn...],方便apply调用
             元素为字符串格式,请不要使用html,考虑注入安全的问题会过滤
    */
    this.exec = function(executor, frame, func, args){

        this.executor = typeof(executor)!="undefined"? executor : "";
        this.frame = typeof(frame)!="undefined"? frame : "";
        this.func = typeof(func)!="undefined"? func : "";
        this.args = typeof(args)!="undefined"? (__fIsArray(args)? args : []) : []; // 必须是数组

        if(executor==""){
            __fSameDomainExec(); // same domain
        }else{
            __fCrossDomainExec(); // cross domain
        }

    }

    /* 同域执行 */
    function __fSameDomainExec(){
        if(this.frame==""){ // parent
            parent.window[this.func].apply(this, this.args);
        }else{
            window.frames[this.frame][this.func].apply(this, this.args);
        }
    }

    /* 跨域执行 */
    function __fCrossDomainExec(){
        if(this.oFrameMessageExec == null){
            this.oFrameMessageExec = document.createElement("iframe");
            this.oFrameMessageExec.name = "FrameMessage_tmp_frame";
            this.oFrameMessageExec.src = __fGetSrc();
            this.oFrameMessageExec.style.display = "none";
            document.body.appendChild(this.oFrameMessageExec);
        }else{
            this.oFrameMessageExec.src = __fGetSrc();
        }
    }

    /* 获取执行的url */
    function __fGetSrc(){
        return this.executor + (this.executor.indexOf("?")==-1? "?" : "&") + "frame=" + this.frame + "&func=" + this.func + "&args=" + JSON.stringify(this.args) + "&framemessage_rand=" + Math.random();
    }

    /* 判断是否数组 */
    function __fIsArray(obj){
        return Object.prototype.toString.call(obj) === "[object Array]";
    }

    return this;

}());

FrameMessage.class.php

<?php
/**Frame Message class main 与 iframe 相互通讯类
*Date:   2013-12-29
*Author: fdipzone
*Ver:    1.0
*
*Func:
*public  execute  根据参数调用方法
*private returnJs 创建返回的javascript
*private jsFormat 转义参数
*/

class FrameMessage{ // class start

    /* execute 根据参数调用方法
    * @param  String  $frame 要调用的方法的框架名称,为空则为parent
    * @param  String  $func  要调用的方法名
    * @param  JSONstr $args  要调用的方法的参数
    * @return String
    */
    public static function execute($frame, $func, $args=""){

        if(!is_string($frame) || !is_string($func) || !is_string($args)){
            return "";
        }

        // frame 与 func 限制只能是字母数字下划线
        if(($frame!="" && !preg_match("/^[A-Za-z0-9_]+$/",$frame)) || !preg_match("/^[A-Za-z0-9_]+$/",$func)){
            return "";
        }

        $params_str = "";

        if($args){
            $params = json_decode($args, true);
            
            if(is_array($params)){

                for($i=0,$len=count($params); $i<$len; $i++){ // 过滤参数,防止注入
                    $params[$i] = self::jsFormat($params[$i]);
                }
                
                $params_str = """.implode("","", $params).""";
            }
        }

        if($frame==""){ // parent
            return self::returnJs("parent.parent.".$func."(".$params_str.");");
        }else{
            return self::returnJs("parent.window.".$frame.".".$func."(".$params_str.");");
        }

    }

    /**创建返回的javascript
    * @param  String  $str
    * @return String 
    */
    private static function returnJs($str){

        $ret = "<script type="text/javascript">"."
";
        $ret .= $str."
";
        $ret .= "</script>";

        return $ret;
    }

    /**转义参数
    * @param  String $str
    * @return String
    */
    private static function jsFormat($str){

        $str = strip_tags(trim($str));  // 过滤html
        $str = str_replace("ss", "s", $str);
        $str = str_replace(chr(10), "", $str);
        $str = str_replace(chr(13), "", $str);
        $str = str_replace(" ", "", $str);
        $str = str_replace("", "", $str);
        $str = str_replace(""", """, $str);
        $str = str_replace(""", """, $str);
        $str = str_replace(""", """, $str);

        return $str;
    }

} // class end

?>

A.html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
 <head>
  <meta http-equiv="content-type" content="text/html; charset=utf-8">
  <title> main window </title>
  <script type="text/javascript" src="json2.js"></script>
  <script type="text/javascript" src="FrameMessage.js"></script>

  <script type="text/javascript">

  // main js function
  function fMain(profession, skill, company){

	var skill_p = JSON.parse(skill);
	var company_p = JSON.parse(company);
	
	var msg = "main function execute success

";
	msg += "profession:" + profession + "
";
	msg += "first skill:" + skill_p.first + "
";
	msg += "second skill:" + skill_p.second + "
";
	msg += "company1:" + company_p[0] + "
";
	msg += "company2:" + company_p[1] + "
";

	alert(msg);

  }

  // exec iframe function
  function exec_iframe(){
	// same domain
	//FrameMessage.exec("", "myframe", "fIframe", ["fdipzone", "{"gender":"male","age":"29"}", "["http://blog.csdn.net/fdipzone", "http://weibo.com/fdipzone"]"]);

	// cross domain
	FrameMessage.exec("http://127.0.0.1/execB.php", "myframe", "fIframe", ["fdipzone", "{"gender":"male","age":"29"}", "["http://blog.csdn.net/fdipzone", "http://weibo.com/fdipzone"]"]);
  }
  </script>

 </head>

 <body>
  <p>A.html main</p>
  <p><input type="button" value="exec iframe function" onclick="exec_iframe()"></p>
  <!-- same domain -->
  <!--<iframe src="B.html" name="myframe" width="500" height="100"></iframe>-->
  <!-- cross domain -->
  <iframe src="http://127.0.0.1/B.html" name="myframe" width="500" height="100"></iframe>
 </body>
</html>

B.html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
 <head>
  <meta http-equiv="content-type" content="text/html; charset=utf-8">
  <title> iframe window </title>
  <script type="text/javascript" src="json2.js"></script>
  <script type="text/javascript" src="FrameMessage.js"></script>

  <script type="text/javascript">

  // iframe js function 
  function fIframe(name, obj, arr){
	
	var obj_p = JSON.parse(obj);
	var arr_p = JSON.parse(arr);
	
	var msg = "iframe function execute success

";
	msg += "name:" + name + "
";
	msg += "gender:" + obj_p.gender + "
";
	msg += "age:" + obj_p.age + "
";
	msg += "blog:" + arr_p[0] + "
";
	msg += "weibo:" + arr_p[1] + "
";

	alert(msg);

  }

  // exec main function
  function exec_main(){
	// same domain
	//FrameMessage.exec("", "", "fMain", ["programmer", "{"first":"PHP","second":"javascript"}", "["EEG","NMG"]"]);

	// cross domain
	FrameMessage.exec("http://localhost/execA.php", "", "fMain", ["programmer", "{"first":"PHP","second":"javascript"}", "["EEG","NMG"]"]);  
  }
  </script>

 </head>

 <body>
  <p>B.html iframe</p>
  <p><input type="button" value="exec main function" onclick="exec_main()"></p>
 </body>
</html>

execA.php 与 execB.php

<?php
require "FrameMessage.class.php";

$frame = isset($_GET["frame"])? $_GET["frame"] : "";
$func = isset($_GET["func"])? $_GET["func"] : "";
$args = isset($_GET["args"])? $_GET["args"] : "";

$result = FrameMessage::execute($frame, $func, $args);

echo $result;
?>

源码下载地址:点击查看