设计问题:会话与参数 [英] design question: sessions vs arguments
问题描述
我正在完成我的第二个php项目。这是一种目录,我也使用了
css / mysql。该网站的所有功能主要是因为
我传递给地址栏上每个页面的大量参数。
例如
*要展示的商品数量
*类别
*品牌
* user_id
*价格区间
* ...
* ...
请注意,参数不可编辑,因为我已经实现了
种类额外的验证器参数,工作得很好
问题是:
为了实现良好的设计,因此是一个好的产品,应该
我必须使用会话变量,还是只是一种方式来做
相同的?
我会喜欢以正确的选择开始我的下一个项目...
问候 - jm
julian_m写道:我正在完成我的第二个php项目。它是一种目录,我也使用了
css / mysql。网站的所有功能主要是因为我传递给地址栏上每个页面的大量参数。
例如
*要显示的项目数量
*类别
*品牌
* user_id
*价格区间
* ...
* ...
请注意,参数不可编辑,因为我已经实现了一种非常好的额外验证器参数
问题是:
为了实现良好的设计,因此一个好的产品,应该
我必须使用会话变量,或者它只是一种相同的方式吗?
我想以正确的选择开始我的下一个项目... <问候 - jm
Sessions,当他们以这种方式使用时,通过默默无闻地实现另一级别的b / b''安全'' 。也就是说,它们只是让它变得有点
更难以看到来回传递的数据。如果你不是使用基于cookie的会话
,那么隐匿因素会再次上升。
会话还可以防止将URL剪切并粘贴到)
多个浏览器或b)作为书签。虽然您可以检测到对
参数数据的编辑,但是您能检测到重放吗?如果没有,你可能会遇到问题。
我试图从浏览器中隐藏尽可能多的信息,因为我可以简单地说,因为他们不能看,他们不能满足;-)
-david-
julian_m写道:为了实现一个好的设计,因此一个好的产品,我应该使用会话变量,还是只是一种方式来做同样的事情?
不要这样做。使用会话变量以某种方式隐藏GET变量
导致访问者在多个
标签/窗口中查看您的网站时出现主要导航问题。
Chung Leong写道:julian_m写道:为了实现良好的设计,因此一个好的产品,我应该使用会话变量,还是仅仅是一种相同的方式?
不要这样做。使用会话变量以某种方式隐藏GET变量
当访问者在多个选项卡/窗口中查看您的站点时会导致主要导航问题。
这是一个为什么我工作的原因hiper打破地址
吧,尽管它根本不漂亮。
David似乎有但另一种意见。我确信这将是战争的开始时间。
问候 - jm
i''m finishing my 2nd php project. It''s a sort of catalog and I used
css/mysql as well. All the functionality of the site is mainly beacause
the great number of arguments I pass to every page on the address bar.
For example
*number of items to display
*categories
*brands
*user_id
*price interval
*...
*...
Note that the arguments aren''t editable, beacause I''ve implemented a
sort of extra verifier argument which works quite well
The question is:
In order to achieve a good design and therefore a good product, should
I have to use session variables instead, or is it just a way to do the
same?
I would like to begin my next project with the right choice...
regards - jm
julian_m wrote:i''m finishing my 2nd php project. It''s a sort of catalog and I used
css/mysql as well. All the functionality of the site is mainly beacause
the great number of arguments I pass to every page on the address bar.
For example
*number of items to display
*categories
*brands
*user_id
*price interval
*...
*...
Note that the arguments aren''t editable, beacause I''ve implemented a
sort of extra verifier argument which works quite well
The question is:
In order to achieve a good design and therefore a good product, should
I have to use session variables instead, or is it just a way to do the
same?
I would like to begin my next project with the right choice...
regards - jm
Sessions, when they are used this way, implement another level of
''security through obscurity''. That is they make it just a little bit
harder to see what data is being passed back and forth. If you are not
using cookie-based sessions, the obscurity factor goes up again.
Sessions also prevent the issue of cutting and pasting the URL into a)
multiple browsers or b) as bookmarks. While you can detect edits to your
argument data, can you detect replays? If not, you may have an issue.
I try to hide as much information from the browser as I can simply
because what they can''t see, they can''t futz around with ;-)
-david-
julian_m wrote:In order to achieve a good design and therefore a good product, should
I have to use session variables instead, or is it just a way to do the
same?
Don''t do it. Using session variables to somehow hide GET variables
cause major navigation issues when visitors view your site in multiple
tabs/windows.
Chung Leong wrote:julian_m wrote:In order to achieve a good design and therefore a good product, should
I have to use session variables instead, or is it just a way to do the
same?
Don''t do it. Using session variables to somehow hide GET variables
cause major navigation issues when visitors view your site in multiple
tabs/windows.
That is one of the reasons why I work "hiper"polulating the address
bar, even though it isn''t beautiful at all.
David seems to have another opinion though. I was sure it will be the
beginnig of the war ;)
regards - jm
这篇关于设计问题:会话与参数的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
