Calling a JavaScript function named in a variable

 

This question already has an answer here:

  • How to execute a JavaScript function when I have its name as a string 29 answers

    • I'd avoid eval.

    To solve this problem, you should know these things about JavaScript.

  • Functions are first-class objects, so they can be properties of an object (in which case they are called methods) or even elements of arrays.
  • If you aren't choosing the object a function belongs to, it belongs to the global scope. In the browser, that means you're hanging it on the object named "window," which is where globals live.
  • Arrays and objects are intimately related. (Rumor is they might even be the result of incest!) You can often substitute using a dot . rather than square brackets [] , or vice versa.

    • Your problem is a result of considering the dot manner of reference rather than the square bracket manner.

    So, why not something like, 

    window["functionName"]();

    That's assuming your function lives in the global space. If you've namespaced, then: 

    myNameSpace["functionName"]();

    Avoid eval, and avoid passing a string in to setTimeout and setInterval. I write a lot of JS, and I NEVER need eval. "Needing" eval comes from not knowing the language deeply enough. You need to learn about scoping, context, and syntax. If you're ever stuck with an eval, just ask--you'll learn quickly.

    If it´s in the global scope it´s better to use: 

    function foo()
{
    alert('foo');
}

var a = 'foo';
window[a]();

    than eval() . Because eval() is evaaaaaal.

    Exactly like Nosredna said 40 seconds before me that is >.<

    Definitely avoid using eval to do something like this, or you will open yourself to XSS (Cross-Site Scripting) vulnerabilities.

    For example, if you were to use the eval solutions proposed here, a nefarious user could send a link to their victim that looked like this:

    http://yoursite.com/foo.html?func=function(){alert('Im%20In%20Teh%20Codez');}

    And their javascript, not yours, would get executed. This code could do something far worse than just pop up an alert of course; it could steal cookies, send requests to your application, etc.

    So, make sure you never eval untrusted code that comes in from user input (and anything on the query string id considered user input). You could take user input as a key that will point to your function, but make sure that you don't execute anything if the string given doesn't match a key in your object. For example: 

    // set up the possible functions:
var myFuncs = {
  func1: function () { alert('Function 1'); },
  func2: function () { alert('Function 2'); },
  func3: function () { alert('Function 3'); },
  func4: function () { alert('Function 4'); },
  func5: function () { alert('Function 5'); }
};
// execute the one specified in the 'funcToRun' variable:
myFuncs[funcToRun]();

    This will fail if the funcToRun variable doesn't point to anything in the myFuncs object, but it won't execute any code.

    链接地址: http://www.djcxy.com/p/94820.html

    上一篇: jQuery从一个字符串调用函数

    下一篇: 调用变量中命名的JavaScript函数