Related recommendations: "2019 PHP interview questions summary (collection)"
1. PHP's garbage collection mechanism
PHP Memory management can be performed automatically and unnecessary objects cleared.
PHP uses the reference counting GC mechanism.
Each object contains a reference counter refcount. Each reference is connected to the object and the counter is incremented by 1. When reference leaves the living space or is set to NULL, the counter is decremented by 1. When an object's reference counter reaches zero, PHP knows that you no longer need to use the object and releases the memory space it occupies.
Reference: https://www.php.net/manual/zh/features.gc.refcounting-basics.php
2. The difference and connection between session and cookie
Difference:
1. Storage location: Session is saved on the server, and Cookie is saved on the client.
2. Storage form: Session is stored on the server in the form of an object, and Cookie is stored on the client in the form of a string.
3. Purpose: Cookies are suitable for saving the user's personal settings, hobbies, etc., and Session is suitable for customer authentication.
4. Path: Session cannot distinguish paths. The same user is accessing a During the website, all Sessions can be accessed from anywhere. If path parameters are set in cookies, cookies under different paths on the same website cannot access each other.
5. Security: Cookies are not very safe. Others can analyze the COOKIE stored locally and conduct COOKIE deception. Considering security, session should be used
6. Size and quantity limit: each Number of cookies contained in the domain name: IE7/8, FireFox: 50, Opera 30; Total cookie size: Firefox and Safari allow cookies up to 4097 bytes, Opera allows cookies up to 4096 bytes, and Internet Explorer allows cookies up to 4097 bytes. 4095 bytes; it is generally believed that Session has no size or quantity limit.
Relationship:
Session requires Cookie to work properly. If the client completely disables cookies, the Session will be invalid! Because Session is a server-side storage space maintained by the application server, when the user connects to the server, a unique SessionID will be generated by the server, and the SessionID is used as the identifier to access the server-side Session storage space.
The SessionID data is saved to the client and stored in Cookie. When the user submits the page, the SessionID will be submitted to the server to access the Session data. This process does not require developer intervention. So once the client disables Cookie, the Session will also become invalid.
3. How to modify the survival time of SESSION
1. Set the expiration time of sessionid saved by the browser setcookie (session_name (), session_id (), time () $ lifeTime, "/");
2. You can use the session_set_cookie_params (86400); that comes with SESSION to set the lifetime of the Session
3. By modifying session.gc_maxlifetime in php.ini The value of the parameter can change the session survival time
4. What are the methods of PHP page redirection
header('Location: http://www.baidu.com/') ; echo ''; echo '';
5. PDO, adoDB, PHPLib database Abstraction layer comparison
PHP database abstraction layer refers to the middleware between the PHP logic program code and the database that encapsulates the underlying operations of the database.
PDO is designed based on PHP 5.1. It uses C language for underlying development. The design inherits the characteristics of PHP and is simple and easy to use. Strictly speaking, PDO should be classified as PHP 5. One of the SPL libraries, and should not be classified as a data abstraction layer, because it has similar functions to the MySQL and MySQLi extension libraries. PDO is not suitable for use in systems where changes to the database are planned or possible.
ADODB No matter what the back-end database is, the method of accessing the database is the same;
When transferring the database platform, the program code does not need to be changed too much. In fact, it only needs to be changed. Database configuration file. A large number of assembly methods are provided, with the purpose of translating these statements at the bottom of the abstraction layer for different databases to adapt to different database dialects!
But this abstraction layer seems to be too large in size. The total files are about 500K. If you are making a small website, using this seems to be overkill.
PHPLib may be accompanied by PHP. The oldest database abstraction layer (but compared with ADODB, it is only a MySQL abstract class library). This abstract class is quite simple to use and small in size. It is a good choice for small website development.
PDO provides prepared statement query, error and exception handling, flexible acquisition of query results (returning arrays, strings, objects, callback functions), character filtering to prevent SQL attacks, transaction processing, and stored procedures.
ADODB supports cached queries, mobile record sets, (HTML, paging, selection menu generation), transaction processing, and output to files.
Reference: http://apps.hi.baidu.com/share/detail/463678
6. The difference and use of long connections and short connections
Long connection: The client and server first establish a connection. After the connection is established, it is not disconnected, and then the message is sent and received. In this way, the communication connection always exists. This method is often used for P2P communication.
Short connection: The client and server only communicate with each other for each message sending and receiving transaction, and the connection is immediately disconnected after the transaction is completed. This method is often used for point-to-multipoint communication. C/S communication.
Time to use long connection and short connection:
Long connection:
Short connection is mostly used for frequent operations, point-to-point communication, and the number of connections cannot be too many. The establishment of each TCP connection requires three handshakes, and the disconnection of each TCP connection requires four handshakes. If you have to establish a connection for each operation and then operate again, the processing speed will be reduced. Therefore, it is enough to directly send data during each operation and the next operation without establishing a TCP connection. For example: long connections are used for database connections. Frequent communication with short connections will cause socket errors. Frequent socket creation is also a waste of resources.
Short connection:
Web website http services generally use short connections. Because long connections consume a certain amount of resources for the server. With thousands or even hundreds of millions of client connections like web sites that are so frequent, using short connections can save some resources. Just imagine if long connections are used, and thousands of users are used at the same time, and each user occupies a connection, you can imagine how much pressure the server will have. Therefore, the amount of concurrency is large, but each user needs a short connection if they do not need frequent operations.
7. Detailed explanation and application of HTTP protocol
http (Hypertext Transfer Protocol) is a stateless, short-connection, flexible, Application layer protocols are often based on TCP connections.
Reference:https://www.php.cn/faq/437523.html (http protocol detailed explanation)
(HTTP response status code)
HTTP response status code
The status code consists of three digits. The first digit defines the response category and has five possible values:
1xx: Instruction information--Indicates The request has been received, continue processing
2xx: Success--Indicates that the request has been successfully received, understood, and accepted
3xx: Redirect--Further operations must be performed to complete the request
4xx: Client error--the request has a syntax error or the request cannot be fulfilled
5xx: Server-side error--the server failed to fulfill a legal request
Common status codes, status Description and explanation:
200 OK // The client request is successful
400 Bad Request // The client request has a syntax error and cannot be understood by the server
401 Unauthorized / / The request is unauthorized, this status code must be used together with the WWW-Authenticate header field 403 Forbidden // The server received the request, but refused to provide the service
404 Not Found // The requested resource does not exist, eg: input Wrong URL
500 Internal Server Error // An unexpected error occurred in the server
503 Server Unavailable // Server timeout // May return to normal
304 Not Modified / / The requested web page has not been modified since the last request.
// When the server returns this response, it will not return the web page content.
8. Communication encryption scheme in heterogeneous system communication
Reference: https://www.php.cn/php-weizijiaocheng-437530. html
9. Socket connection steps
Socket (socket) concept
Socket (socket) is the cornerstone of communication , is the basic operating unit supporting network communication of TCP/IP protocol. It is an abstract representation of the endpoint in the network communication process and contains five types of information necessary for network communication: the protocol used for connection, the IP address of the local host, the protocol port of the local process, the IP address of the remote host, and the protocol of the remote process. port.
Socket connection process
Establishing a Socket connection requires at least a pair of sockets, one of which runs on the client, called ClientSocket, and the other runs on the server, called ServerSocket
The connection process between sockets can be divided into three steps: server monitoring, client request, and connection confirmation.
Server monitoring: The server-side socket does not locate the specific client socket, but is in a state of waiting for connection and monitors the network status in real time.
Client request: refers to a connection request made by the client's socket, and the target to be connected is the server's socket. To do this, the client's socket must first describe the server's socket to which it wants to connect, indicate the address and port number of the server-side socket, and then make a connection request to the server-side socket.
Connection confirmation: means that when the server-side socket listens or receives the connection request from the client-side socket, it responds to the client
Socket request, establish a new thread, and send the description of the server-side socket to the client. Once the client confirms this description, the connection is established. The server-side socket continues to be in the listening state and continues to receive connection requests from other client sockets.
10. TCP protocol, three-way handshake, four-way wave
TCP protocol (Transmission Control Protocol) is a host-to-host layer transmission control protocol, providing reliable connections The service uses a three-way handshake to confirm the establishment of a connection and a four-way handshake to disconnect. The
bit code is the tcp flag bit, and there are 6 kinds of marks:
SYN (synchronous establishment of connection) synchronous
ACK (acknowledgement confirmation)
PSH ( push transmission)
FIN (finish end)
RST (reset reset)
URG (urgent emergency)
11. php Differentiation and examples of commonly used functions with similar functions but greatly different performance
Reference: http://apps.hi.baidu.com/share/detail/43169774
12. Posix and perl compatible regex comparison, and function performance analysis
The most significant differences between POSIX regex and PCRE regex that need to be known:
1. The PCRE function requires the pattern to The delimiter is closed.
2. POSIX-compatible regular expressions have no modifiers. Unlike POSIX, the PCRE extension does not have dedicated functions for case-insensitive matching. Instead, support uses the /i mode modifier to accomplish the same job. Other pattern modifiers can also be used to change the matching strategy.
3. The POSIX function looks for the longest match starting from the leftmost, but PCRE stops after the first legal match. It makes no difference if the strings don't match, but if they do, there will be a difference in results and speed. To illustrate the difference, consider the following example (from Jeffrey Friedl's Mastering Regular Expressions book). Using the pattern one (self)?(selfsufficient)? to match the string oneselfsufficient, PCRE will match oneself, but using POSIX, the result will be the entire string oneselfsufficient. Both substrings match the original string, but POSIX will take the longest as the result.
PCRE Available modifiers: (i,s,m)
13. Implement PERL regular expressions and capture all href hyperlinks of the a tag of html filesRegular expression: /]/is
14. Comparison of predefined variables, magic variables, and magic methods, and examples of their effects
$html = <<HTML;$matches = array();
preg_match_all ( "/]/is", $html, $matches ); print_r ($matches [1]); // Output all hyperlinks
?>
Predefined variables (super global variables)
$GLOBALS
$_SERVER
$_GET
$_POST
$_COOKIE
$_SESSION
$_REQUEST
$_ENV
Magic method http://apps.hi.baidu.com/share/detail/17851228construct and destruct
__autoload
get and set
isset and unset
call and callStatic
__clone
__toString
sleep and wakeup
__invoke
Magic variables http://apps.hi.baidu.com/share/detail/17851228LINE
FILE
DIR
CLASS
FUNCTION
METHOD
NAMESPACE
15 . spl Common data structure classes16. PHP design pattern
Factory pattern
Create a factory (a function or a class method ) to make new objects
Factory pattern is a class that has certain methods that create objects for you. You can use a factory class to create objects without using new directly. This way, if you want to change the type of object created, you only need to change the factory. All code using this factory is automatically changed.
Single case mode
Some application resources are exclusive because there is only one resource of this type. For example, connections to a database through a database handle are exclusive. You want to share the database handle across your application because it is an overhead when keeping the connection open or closed, even more so during the process of fetching a single page.
Single element mode can meet this requirement.
The singleton pattern in PHP: refers to creating only one instance of a specified class within the scope of a PHP application.
Classes that use the singleton pattern in PHP usually have a private constructor and a private clone function to prevent users from instantiating it by creating objects or cloning them. There is also a static private member variable $instance and a static method getInstance. getInstance is responsible for instantiating itself and then storing this object in the $instance static member variable to ensure that only one instance is created.
Observer Mode
Command Chain Mode
Strategy Mode
17. Load-balanced web application server design, such as youkuGuide to Load Balancing with PHP
Think about how to deal with the following problems?
参考:https://www.php.cn/php-weizijiaocheng-437532.html
在 Apache 负载均衡的情况下,做 PHP 开发如何考虑一下几方面:
PHP 源文件在服务器、PHP 文件上传处理、相关配置文件、Session 会话放置、日志放置
Apache 负载均衡的原则
轮询均衡策略 (轮询转发请求)
按权重分配均衡策略 (按响应数量转发请求)
权重请求响应负载均衡策略 (按响应流量转发请求)
18. 如何优化前端性能
1) 页面内容的优化
a) 降低请求数
合并 css、js 文件,集成 CSS 图片
b) 减少交互通信量
压缩技术:压缩 css、js 文件,优化图像,减少 cookie 体积;
合理利用缓存:使用外部 js/css 文件,缓存 ajax;
减少不必要的通信量:剔除无用脚本和样式、推迟加载内容、使用 GET 请求
c) 合理利用 “并行” 尽量避免重定向
慎用 Iframe 样式表置于顶部 脚本放到样式后面加载
d) 节约系统消耗
避免 CSS 表达式、滤镜
2) 服务器的优化
a) b)
c)
d)
19. yahoo 的 34 条前端优化法则
减少 HTTP 请求、利用 CDN 技术、 设置头文件过期或者静态缓存、Gzip 压缩、把 CSS 放顶部、 把 JS 放底部、避免 CSS 表达式、将 JS 和 CSS 外链、减少 DNS 查找、减小 JS 和 CSS 的体积、 避免重定向、删除重复脚本、 配置 ETags、缓存 Ajax、尽早的释放缓冲、
用 GET 方式进行 AJAX 请求、延迟加载组件、 预加载组件、减少 DOM 元素数量、跨域分离组件、
减少 iframe 数量、不要出现 404 页面、减小 Cookie、 对组件使用无 Cookie 的域名、减少 DOM 的访问次数、开发灵活的事件处理句柄、使用 而非 @import、避免过滤器的使用、优化图片、优化 CSS Sprites、 不要在 HTML 中缩放图片、缩小 favicon. ico 的大小并缓存它、保证组件在 25K 以下、将组件打包进一个多部分的文档中
20. 数据库缓存的基本理论,参考 memcached
什么是 Memcached?
memcached 是高性能的分布式内存缓存服务器。一般的使用目的是,通过缓存数据库查询结果,减少数据库访问次数,以提高动态 Web 应用的速度、提高可扩展性。
虽然 memcached 使用了同样的 “Key=>Value” 方式组织数据,但是它和共享内存、APC 等本地缓存有非常大的区别。Memcached 是分布式的,也就是说 它不是本地的。它基于网络连接(当然它也可以使用 localhost)方式完成服务,本身它是一个独立于应用的程序或守护进程(Daemon 方式)
PHP 与 Memcached
Memcached 使用 libevent 库实现网络连接服务,理论上可以处理无限多的连接,但是它和
基于反向代理的 Web 缓存;
基于反向代理的 Web 缓存
21. PHP 安全模式
php 安全模式:safe_mode=on|off
启用 safe_mode 指令将对在共享环境中使用 PHP 时可能有危险的语言特性有所限制。可以将 safe_mode 是指为布尔值 on 来启用,或者设置为 off 和脚本尝试访问的文件的 UID,以此作为限制机制的基础。如果 UID 相同,则执行脚本;否则,脚本失败。
当启用安全模式时,一些限制将生效
1、 所有输入输出函数(例如 fopen ()、file () 和 require ())的适用会受到限制,只能用于与调用这些函数的
脚本有相同拥有者的文件
2、 如果试图通过函数 popen ()、system () 或 exec () 等执行脚本,只有当脚本位于 safe_mode_exec_dir
配置指令指定的目录才可能
3、HTTP 验证得到进一步加强,因为验证脚本用于者的 UID 划入验证领域范围内。此外,当启用安
全模式时,不会设置 PHP_AUTH。
4、如果适用 MySQL 数据库服务器,链接 MySQL 服务器所用的用户名必须与调用 mysql_connect ()
的文件拥有者用户名相同。
以下是一些和安全模式相关的配置选项
safe_mode_gid=on|off safe_mode_include_dir=string safe_mode_env_vars=string safe_mode_exec_dir=string safe_mode_protected_env_vars=string
22. 常见的 web 攻击方式
常见攻击
XSS (Cross Site Script) ,跨站脚本攻击。它指的是恶意攻击者往 Web 页面里插入恶意 html 代码,当用户浏览该页之时,嵌入的恶意 html 代码会被执行,从而达到恶意用户的特殊 目的。
XSS is a passive attack. Because it is passive and difficult to exploit, many people often ignore its harmfulness. However, with the continuous advancement of front-end technology and the increasing number of applications of rich clients, this issue has attracted more and more attention.
A simple example:
If you are currently a user on the sns site, and there is a vulnerability in the function of publishing information, you can execute js. If you enter a malicious script at this moment, then everyone who sees you currently will The browsers of people who receive new information will execute this script and pop up a prompt box (very cool pop-up ads:)). If you do something more radical, the consequences will be unimaginable.
CSRF (Cross Site Request Forgery), cross-site forged request. As the name suggests, it allows users to use their own identity to accomplish some of the goals that the attacker needs to achieve by forging connection requests without the user's knowledge. The attack of csrf is different from that of xss csrf which needs to be triggered by the attacker's active behavior. This sounds like there is a suspicion of "being fished".
Multi-window browsers seem to be suspected of contributing to tyranny, because the new window opened has all current sessions. If it is a single browser window similar to ie6, there will be no such problem, because each time Each window is an independent process.
Give a simple example: You are playing White Society, and you see someone sending a link. You click on it, and then a form for sending gifts is forged in this link. This is just a simple example. The question Visible general.
Cookie hijacking. By obtaining the permissions of the page, write a simple request to the malicious site in the page, and carry the user's cookie. After obtaining the cookie, you can directly log in to the site as the stolen user through the cookie. This is cookie hijacking.
Give a simple example: Someone wrote a very interesting diary and then shared it with everyone. Many people clicked to view and shared the diary. Everything seemed normal, but the person who wrote the diary did not For other purposes, a request to outside the site is secretly hidden in the log. Then everyone who reads this log will send their cookie to someone without knowing it, and then he can pass it to anyone. cookie to log into this person's account.
SQL injection attack
In a SQL injection attack, the user adds information to a database query by manipulating a form or GET query string.
DNS attack
Denial of service attack
Denial of service attack means that the attacker tries to make the target machine stop providing services. It is one of the common attack methods used by hackers.
The attacker carries out a denial of service attack, which actually allows the server to achieve two effects: one is to force the server's buffer to be full and not accept new requests; the other is to use IP spoofing to force the server to redirect legitimate users' connections. Reset, affecting the connection of legitimate users
23. The basic idea of PHP anti-hotlink prevention
What is a hotlink?
Hot links refer to content that the service provider itself does not provide services. It uses technical means to bypass other beneficial end-user interfaces (such as advertisements) and directly provide other services to end users on its own website. The service content of the provider is defrauded of the browsing and click-through rates of end users. The beneficiary provides no or very few resources, while the real service provider receives no benefit.
Website hotlinking will consume a large amount of the bandwidth of the stolen linking website, and the real click-through rate may be very small, seriously damaging the interests of the stolen linking website. How to prevent hotlinking?
Irregularly rename files or directories
Restrict reference pages
The principle is that the server obtains the website address of the user submitted information, and then compares it with the real server address. If If they are consistent, it means it was submitted within the site or for a site you trust, otherwise it will be regarded as a hot link. When implementing, you can use HTTP_REFERER1 and htaccess files (mod_Rewrite needs to be enabled), combined with regular expressions to match each access request of the user.
File camouflage
File camouflage is currently the most commonly used anti-leeching technology, usually combined with server-side dynamic scripts (PHP/JSP/ASP). In fact, the file address requested by the user is just a disguised script file. This script file will authenticate the user's request and generally check Session, Cookie or HTTP_REFERER as the basis for determining whether it is a hotlink. The real files are actually hidden in places that users cannot access. Only after the user passes the verification will they be returned to the user.
Encryption Authentication
This anti-leeching method is first obtained from the client. The user information is then encrypted into a string (Session ID) based on this information and the file name requested by the user as authentication. Only after the authentication is successful, the server will send the files required by the user to the client. Generally, we will pass the encrypted Session ID to the server as part of the URL parameters. Since this Session ID is linked to the user's information, even if someone else steals the link, the Session ID cannot pass the identity authentication, thus achieving anti-leeching. the goal of. This method is very effective for distributed hot links.
Random additional code
每次,在页面里生成一个附加码,并存在数据库里,和对应的图片相关,访问图片时和此附加码对比,相同则输出图片,否则输出 404 图片
加入水印
24. HTTP 请求头信息和响应头信息
请求头信息
POST /scp1.1.0/prs/new_rnaseqtask/run_go HTTP/1.1 Host: 172.30.4.102 User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:6.0) Gecko/20100101 Firefox/6.0 Accept: / Accept-Language: zh-cn,zh;q=0.5 Accept-Encoding: gzip, deflate Accept-Charset: GB2312,utf-8;q=0.7,*;q=0.7 Connection: keep-alive Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Referer: http://172.30.4.102/scp1.1.0/index.php/prs... Content-Length: 1819 Cookie: ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22e31556053ff9407a454f6a1e146d43eb%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22172.16.23.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows+NT+6.1%3B+rv%3A6.0%29+Gecko%2F2010010%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1314955607%3B%7D664b51a01ef99bac95f3e2206e79cb00;PHPSESSID=v33mlm1437lmop1fquta675vv4;username=linjinming; tk=1314955601855 Pragma: no-cache Cache-Control: no-cache
响应头信息
HTTP/1.1 200 OK Date: Fri, 02 Sep 2011 09:27:07 GMT Server: Apache/2.2.3 (Red Hat) X-Powered-By: PHP/5.1.6 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 31 Connection: close Content-Type: text/html; charset=UTF-8
25. MySQL
MySQL 数据库性能优化
使用 mysqlreport;
正确使用索引:explain 分析查询语句,组合索引,索引副作用(占空间、update)
开启慢查询日志、使用慢查询分析工具 mysqlsla;
索引缓存、索引代价(插入更新索引);
表锁,行锁,行锁副作用(update 多时候变慢),在 select 和 update 混合的情况下,行锁巧妙解决了读写互斥的问题;
开启使用查询缓存;
修改临时表内存空间;
开启线程池;
MySQL Query 语句优化的基本思路和原则
1、优化需要优化的 Query;
2、定位优化对象的性能瓶颈;
3、明确优化目标;
4、从 Explaing 入手;
5、多使用 Profile;
6、永远用小结果集推动大的结果集;
7、尽可能在索引中完成排序;
8、只取自己需要的 Columns;
9、仅仅使用最有效的过滤条件;
10、尽可能避免复杂的 Join 和子查询。
MySQL 中 MyISAM 引擎和 InnoDB 引擎的区别以及它们的性能
1:Innodb 支持事物,Myisam 不支持
2:锁定机制不一样,Myisam 支持表锁定,而 Innodb 支持行锁
3:Myisam 不支持外键,Innodb 能支持
4:Myisam 能在特定环境下支持全文索引,而 Innodb 不支持
5:Myisam 支持数据压缩,Innodb 不支持
6:在数据存储上,Myisam 占用的空间少,Innodb 相对多些
7:Myisam 在批量插入和查询方面速度上有优势,而 Innodb 由于支持行锁,所以在数据修改方面更胜一筹
MySQL 存储引擎
MyISAM:不支持事务、表锁和全文索引,操作速度快
InnoDB:行锁设计、支持外键、支持安全事务
HEAP:数据存放在内存中,临时表
NDB Cluster:MySQL 的簇式数据库引擎
CSV: 存储引擎把数据以逗号分隔的格式存储在文本文件中。
FEDERATED:存储引擎表并不存放数据,它只是指向一台远程 MySQL 数据库服务器上的表 Archive: 只支持 INSERT 和 SELECT 操作,压缩后存储,非常适合存储归档数据
Merge:允许将一系列等同的 MyISAM 表以逻辑方式组合在一起,并作为 1 个对象引用它们 表类型,区分表类型
优化表设计的常用思路
负载均衡的数据库设计
数据类型及详细定义,区分
26. Apache
性能优化,配置,fastCGI 等几种工作模式
27. Ajax
用 JS 实现 Ajax 功能
var createXHR = function(){ } var addURLParam = function(url, name, value){ } var xhr = createXHR(); xhr.onreadystatechange = function(){ } var url = 'testAjax.php'; addURLParam(url, 'name', 'linjm'); xhr.open('get',url,true); xhr.send(NULL); if(xhr.readyState == 4){ } if(xhr.status > 200 && xhr.status < 300 || xhr.status == 304){ } alert(xhr.responseText); url += (url.indexOf('?') == -1 ? '?' : '&'); url += encodeURIComponent(name) + '=' + encodeURIComponent(value); return url; if(window.XMLHttpRequest){ } return new XMLHttpRequest(); return new ActiveXObject('Microsoft.XMLHTTP'); throw new Error('No XMLHttpRequest available'); }else{ }else{}
28. Javascript
变量、作用域、作用域链.