如何正确使用动态页面的会话 [英] How to correctly use Sessions for dynamic pages
问题描述
这是我这个问题的第二部分:
This is the second part of my question from here:
我现在正在将代码放在一起。
如果你不想看看我的问题的第一部分,那么不好告诉你,我正在试验和制作一个允许用户发布特定城市的活动的网站。首先,用户使用下拉菜单来选择状态,然后在下一页,他们使用下拉菜单选择城市。一旦城市被选中,他们将被带到city.php,我们在我们的数据库中使用查询来显示人们为该特定城市发布的活动。无论如何,我想扩展城市,并将city.php转换为索引,其中将链接到events.php,jobs.php或forsale.php。当用户点击其中一个链接时,特定的城市仍然会被记住,并且会进行查询来拉出这些信息。我只是遇到编码问题:
I am now trying to put the code together. If you dont want to look at the first part of my question then ill tell you that i am experimenting and making a site that allows users to post events for a specific city. First the user uses a drop down menu to selct state, then on the next page they use a drop down menu to select the city. Once the city is selected they are taken to city.php where we use queries in our database to show events that people have posted for that particular city. Anyway i want to expand the city and turn city.php into the index where links to either events.php, jobs.php, or forsale.php will be located. When a user clicks on one of those links the particular city will still be remembered and a query will be done to pull out those info. Im just having problems coding:
来自城市的代码下拉菜单:
Code from city drop down menu:
while($result = mysqli_fetch_array($doQuery)){
// $result contains id (cid) and name (cname) for each city
// $result - current row
// here we add HTML code for option "dynamically"
echo "<option value='".$result["cid"]."'>".$result["cname"]."</option>";
session_start();
$_SESSION['cname'] = $city;
来自city.php的代码:
code from city.php:
session_start();
$_SESSION['cname'] = $city;
// import dbconnect.php
// we use require(not include) to stop the script if such file does not exist
// we use "once" because we do not need to establish dbconnection if it already exists
require_once("dbconnect.php");
// all data which we get from cityByState.php are stored in $_POST superglobal array
// in our case we have only one field "city" so we can get city id from $_POST["city"]
// also we use intval function for security purposes. It converts variable to integer.
$cityId = intval($_REQUEST["city"]);
// query which gets all info about required city
$query = "select * from cities where id=$cityId";
// run the query and handle possible errors
if(!($doQuery = mysqli_query($db, $query))){
echo "Can not get info about the city!"; exit();
}
我只是一个初学者,似乎无法理解如何正确使用会话让我的网站正常工作。我也不知道我会用什么来确保我可以在city.php(事件,工作,forsale)的子页面上进行正确的查询。
I am just a beginner and can't seem to understand how to properly use sessions to get my site to work properly. I am also not sure what i would use to insure that i can do the proper queries on the sub pages of city.php (events, jobs, forsale).
推荐答案
对于一个,你应该在开放php标签下开始你的会话。至少为了以后的任何人看这个代码。
For one, you should start your session right under the opening php tag. At the very least for the sake of anyone else looking at this code later.
所以这个大规模的帖子基本上说我如何将一个选定的城市设置为一个会话变量和使用它从数据库中获取结果?
So this massive post basically says "How do I set a selected city into a session var and use that to fetch results from the database?"
好的,我们从选择表单开始吧。让我们修改你的代码,通过打破php,并以正确的方式编写好的ol html。总是避免在PHP中写入html (echo'< a href =>'...等)
Ok, so let's start with the select form. Let's modify your code by breakingout of php and writing good ol html the right way. ALWAYS avoid writing html in php (echo '<a href="">'... etc)
<form id="city_select" action="" method="post">
<fieldset>
<select name="city">
<?php while($result = mysqli_fetch_array($doQuery)): ?>
<option value="<?php echo $result["cid"]; ?>" <?php echo ($result['cid'] == $_SESSION['city_id'] ? 'selected="selected"' : ''); ?>><?php echo $result["cname"]; ?></option>
<?php endwhile; ?>
</select>
<input type="submit" name="submit" value="Submit">
</fieldset>
</form>
如果你不知道,这行是一个 ternary 操作符。您可以在该链接中看到一个示例...
in case you don't know, this line is a ternary operator. You can see an example at that link...
<?php echo ($result['cid'] == $_SESSION['city_id'] ? 'selected="selected"' : ''); ?>
只是说如果行城市ID等于会话城市ID,添加 selected =selected到该选项的html。
It just says if the row city id is equal to the session city id, add selected="selected" to the html for that option.
现在,在php中 - 表单中的action属性指向,你处理这个请求...
Now, in php - where your action attribute in the form points to, you process this request...
<?php
session_start();
if(isset($_POST['city']))
{
$_SESSION['city_id'] = $_POST['city'];
//you can do other processing here, like redirecting to the last page viewed to prevent double posting and that annoying re-submit form popup, etc
}
?>
现在至少你的下拉菜单应该记住最后一个选定的城市。下一步是使您的结果关心该选择。
显然你需要正确地逃避$ _SESSION ['city_id'],但是这个例子让我们假设你已经在做...
Now at the very least your dropdown should remember the last selected city. Next step is to make your results care about that selection. obviously you need to properly escape $_SESSION['city_id'] but for this example let's just assume you're already doing that...
$query = "select * from cities where id=".$_SESSION['city_id'];
有很多方法可以改善这一点,甚至尝试开始是有威胁的。我假设你使用过程编程习惯而不是OOP,你知道转义用户输入,并且你对PHP有一个基本的了解。如果您有任何具体问题,我可以更新此信息。
There are so many ways to improve this that it would be menacing to even try to begin. I make the assumption that you are using procedural programming habits and not OOP, that you are aware of escaping user input, and that you have a basic understanding of php. If you have any specific questions I may update this post.
这篇关于如何正确使用动态页面的会话的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
