加一个防止xss攻击实现过滤PHP危险函数例如alert把聊天框和输入昵称的地方防护一下head meta http-equiv=Content-Type content=applicationxhtml+xml; charset=utf-8; X-Wap-Proxy-Cookie=none meta name=viewport content=width=device-width

<head>
    <meta http-equiv="Content-Type" content="application/xhtml+xml; charset=utf-8; X-Wap-Proxy-Cookie=none" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" />
    <title>烧杯大厅</title>
    <link type="text/css" href="app/style/chat.css?v=1.2" rel="stylesheet" />
</head>
<body>
<div class="top"><span class="name">烧杯在线聊天室</span></div>
<?php
require_once 'app/app.php';
if(empty(@$_COOKIE[KEYS.'_name'])){
    echo '<div class="write login">                
                <input type="text" value="'.rand_nick().'" id="nick" maxlength="5" placeholder="输入昵称..." oninput="this.value=htmlspecialchars(this.value);" />    
<pre><code>            &lt;a href=&quot;javascript:;&quot; id=&quot;login&quot; class=&quot;write-link send&quot;&gt;进入&lt;/a&gt;
</code></pre>
</div>';          
} 
echo '<div class="talk mk-chat-box">     
</div>
<div class="talk write">                
             <input type="text" id="msg" maxlength="140" placeholder="聊点什么吧..." oninput="this.value=htmlspecialchars(this.value);" />            
                <a href="javascript:;" id="send" class="write-link send" onclick="send()">发送</a>
</div>'; 
?>
<div class="foot">本聊天室禁止广告！打了死妈！！<a href="./">刷新</a></div>
<script src="app/style/jquery.min.js"></script>
<script src="app/style/chat.min.js"></script>
</body>
</html