我对 PHP Post/Redirect/Get 感到困惑 [英] I am confused about PHP Post/Redirect/Get

问题描述

在文章中关于防止 PHP 表单重新提交，我阅读了以下内容:

In an article on preventing PHP form resubmissions, I read the following:

(未引用)这可能是接收表单数据的页面，例如名为form.php":

(Not quoting) This could be the page that receives the form data, for example called "form.php":

<form action="submit.php">
  <input type="text" name="user" required />
  <input type="password" name="pass" required />
  <input type="submit" value="Log in" />
</form>

因此，处理 POST 数据的页面将被称为submit.php".如果登录正确，此代码将运行:

The page that would process the POST data would therefore be called "submit.php". If the login went correctly, this code would run:

header('Location: /login/form.php?success=true');

但是，用户不能直接导航到上面的 URL 吗?另外，GET 变量的目的是什么?难道我不能在 form.php 中有一个脚本来检查用户是否已登录?

However, couldn't a user just navigate to the URL above? Also, what is the purpose of the GET variable? Couldn't I just have a script at form.php that checks if the user is logged in?

在 submit.php 中，我应该将登录的用户名保存为 $_SESSION['username']，然后在 form.php 中检查 isset() 吗?此外，由于其中包含成功"的 URL 并不是很漂亮，再次重定向用户是否经济?我应该使用 PHP header() 还是 Javascript window.location.href? 如您所见，我有点困惑.

At submit.php, should I save the logged in username as $_SESSION['username'], and then check if isset() at form.php? Also, since a URL with "success" in it isn't really pretty, is it economical to redirect the user once again? Should I use PHP header() or Javascript window.location.href? As you see, I'm sort of confused.

感谢您的帮助.

推荐答案

但是，用户不能直接导航到上面的 URL 吗?

However, couldn't a user just navigate to the URL above?

是的，他可以.不过这不会造成任何不好的影响.

Yes, he can. This will not cause anything bad though.

另外，GET 变量的用途是什么?

Also, what is the purpose of the GET variable?

要有一些标志来表示表单已成功处理，您需要祝贺用户.

To have some flag that represents the fact that the form has been processed successfully and you need to congratulate user.

难道我不能在 form.php 中有一个脚本来检查用户是否已登录?

Couldn't I just have a script at form.php that checks if the user is logged in?

嗯，您可以按照您喜欢的方式保留您的代码.没有任何强烈要求

Uhm, you can keep your code in the way you like. There is no any strong requirements

在 submit.php 中，我是否应该将登录的用户名保存为 $_SESSION['username']，然后在 form.php 中检查是否 isset()?

At submit.php, should I save the logged in username as $_SESSION['username'], and then check if isset() at form.php?

如果您需要在当前会话中保留它 - 是的，请这样做.

If you need to persist it across the current session - yes, do so.

另外，因为带有success"的URL并不是很漂亮，再次重定向用户是否划算?

Also, since a URL with "success" in it isn't really pretty, is it economical to redirect the user once again?

重定向到哪里.重定向是非常便宜的事情.

Redirect where. Redirection is pretty cheap thing.

我应该使用 PHP header() 还是 Javascript window.location.href?

Should I use PHP header() or Javascript window.location.href?

你绝对应该在 php 中这样做，否则你会遇到试图避免遵循 PRG 方式的麻烦.

You definitely should do that in php, otherwise you'll get the troubles you're trying to avoid following PRG-way.

这篇关于我对 PHP Post/Redirect/Get 感到困惑的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！