JavaScript 函数无法识别正确的密码
JavaScript function not recognizing correct password
我在玩在线 game,您必须通过查看页面源(或检查元素)来找到密码。我对这条线感到困惑 if(el.value == ""+CodeCode+"")。 el.value 是我的猜测,它说如果我的猜测是:""+CodeCode+"",我可以继续。 “+CodeCode+”定义为:"+CodeCode+" == "0xf.at_hackit"; 但我尝试了“0xf.at_hackit”(带引号和不带引号但它不起作用)。我已经坚持了 2 个小时所以请帮忙!
这是具有 javascript 功能的游戏代码:
<!-- :::::::::::::::::==== GAME STARTS HERE ====::::::::::::::::: -->
<h1>Level 10</h1>
<p>Try not to be fooled</p>
<input id="pw" type="password" />
<br/><input type="button" value="OK" onClick="checkPW()"/>
<script type="text/javascript">var CodeCode = "moo6be";
function checkPW()
{
"+CodeCode+" == "0xf.at_hackit";
var el = document.getElementById("pw");
if(el.value == ""+CodeCode+"")
document.location.href="?pw="+el.value;
else alert("Wrong password");
}
</script>
<!-- ::::::::::::::::::==== GAME ENDS HERE ====:::::::::::::::::: -->
答案是moo6be。
这是因为 "+CodeCode+" == "0xf.at_hackit"; 有两个等号,这只是意味着它是一个比较语句(只会计算为 false)。请务必注意,这与程序的其余部分无关。
这里的主线是:if(el.value == ""+CodeCode+"").
即:"" (empty string) + CodeCode (moo6be) + "" (empty string).
代码分配在 <script> 标签之后。
行 "+CodeCode+" == "0xf.at_hackit"; 什么都不做,它只是计算结果为 false 的表达式(比较两个不同的字符串),但没有赋值,所以没有副作用。
<script type="text/javascript">var CodeCode = "moo6be"; // <==== HERE
function checkPW() {
"+CodeCode+" == "0xf.at_hackit"; // <==== this does nothing, its just expression that evaluates to false, but no assignment
var el = document.getElementById("pw");
if(el.value == ""+CodeCode+"") // <==== this is the same as `if(el.value == CodeCode)`
document.location.href="?pw="+el.value;
else alert("Wrong password");
}
</script>
""+CodeCode+"" 等同于:"" + CodeCode + ""
CodeCode 紧跟在标签之后:
<script type="text/javascript">var CodeCode = "moo6be"; // HERE
function checkPW()
{
"+CodeCode+" == "0xf.at_hackit"; // this does nothing, its just expression that evaluates to false - this is meant to trick you
var el = document.getElementById("pw");
if(el.value == ""+CodeCode+"")
document.location.href="?pw="+el.value;
else alert("Wrong password");
}
</script>
我在玩在线 game,您必须通过查看页面源(或检查元素)来找到密码。我对这条线感到困惑 if(el.value == ""+CodeCode+"")。 el.value 是我的猜测,它说如果我的猜测是:""+CodeCode+"",我可以继续。 “+CodeCode+”定义为:"+CodeCode+" == "0xf.at_hackit"; 但我尝试了“0xf.at_hackit”(带引号和不带引号但它不起作用)。我已经坚持了 2 个小时所以请帮忙!
这是具有 javascript 功能的游戏代码:
<!-- :::::::::::::::::==== GAME STARTS HERE ====::::::::::::::::: -->
<h1>Level 10</h1>
<p>Try not to be fooled</p>
<input id="pw" type="password" />
<br/><input type="button" value="OK" onClick="checkPW()"/>
<script type="text/javascript">var CodeCode = "moo6be";
function checkPW()
{
"+CodeCode+" == "0xf.at_hackit";
var el = document.getElementById("pw");
if(el.value == ""+CodeCode+"")
document.location.href="?pw="+el.value;
else alert("Wrong password");
}
</script>
<!-- ::::::::::::::::::==== GAME ENDS HERE ====:::::::::::::::::: -->
答案是moo6be。
这是因为 "+CodeCode+" == "0xf.at_hackit"; 有两个等号,这只是意味着它是一个比较语句(只会计算为 false)。请务必注意,这与程序的其余部分无关。
这里的主线是:if(el.value == ""+CodeCode+"").
即:"" (empty string) + CodeCode (moo6be) + "" (empty string).
代码分配在 <script> 标签之后。
行 "+CodeCode+" == "0xf.at_hackit"; 什么都不做,它只是计算结果为 false 的表达式(比较两个不同的字符串),但没有赋值,所以没有副作用。
<script type="text/javascript">var CodeCode = "moo6be"; // <==== HERE
function checkPW() {
"+CodeCode+" == "0xf.at_hackit"; // <==== this does nothing, its just expression that evaluates to false, but no assignment
var el = document.getElementById("pw");
if(el.value == ""+CodeCode+"") // <==== this is the same as `if(el.value == CodeCode)`
document.location.href="?pw="+el.value;
else alert("Wrong password");
}
</script>
""+CodeCode+"" 等同于:"" + CodeCode + ""
CodeCode 紧跟在标签之后:
<script type="text/javascript">var CodeCode = "moo6be"; // HERE
function checkPW()
{
"+CodeCode+" == "0xf.at_hackit"; // this does nothing, its just expression that evaluates to false - this is meant to trick you
var el = document.getElementById("pw");
if(el.value == ""+CodeCode+"")
document.location.href="?pw="+el.value;
else alert("Wrong password");
}
</script>