php 取消设置所有 $_POST 变量,以便在重定向时不会收到警告框
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/9826196/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Unset all $_POST variables so that I don't get alert box upon redirect
提问by Elaine Marley
After I submit a form I have 2 $_POST variables. In the landing page I want to turn them into $_SESSION variables and unset the $_POST ones so that the user won't get the alert of the browser to send their data again. This is my (not working) code:
提交表单后,我有 2 个 $_POST 变量。在登录页面中,我想将它们转换为 $_SESSION 变量并取消设置 $_POST 变量,以便用户不会收到浏览器再次发送数据的警报。这是我的(不工作)代码:
if(isset($_POST['clave']) && isset($_POST['email'])){
$_SESSION['id_user']=$_POST['clave'];
$_SESSION['email']=$_POST['email'];
}
if(isset($_SESSION['id_user']) && isset($_SESSION['email'])){
unset($_POST['clave']);
unset($_POST['email']);
//I do my stuff here
}
If I echo the posts nothing will show but everytime I reload I get the browser warning again.
如果我回显帖子什么都不会显示,但每次重新加载时,我都会再次收到浏览器警告。
回答by Quentin
You can't just delete the $_POST data from the server. The browser alerts it because it is stored by the browser. If it resubmits the data then it will send it back to the server and repopulate$_POST.
您不能只是从服务器中删除 $_POST 数据。浏览器会提醒它,因为它是由浏览器存储的。如果它重新提交数据,那么它将把它发送回服务器并重新填充$_POST。
What you need to do is to use the POST-REDIRECT-GETpattern.
您需要做的是使用POST-REDIRECT-GET模式。
Process the POST data (e.g. by dumping it into the session), then send the browser a redirectand not an HTML document. The browser then makes a GET request to the server and you give them the page then.
处理 POST 数据(例如,通过将其转储到会话中),然后向浏览器发送重定向而不是 HTML 文档。然后浏览器向服务器发出 GET 请求,然后您将页面提供给他们。
回答by Marc B
It's not possible. When the user hits reload, the PREVIOUS action is redone, which was a post. Even though you've unset the POST values when the form was first submitted, the reload action will be an entirely NEW request. The browser will ALWAYS ask the user if they'd like to resubmit the data.
这是不可能的。当用户点击重新加载时,先前的操作被重做,这是一个帖子。即使您在第一次提交表单时取消了 POST 值,重新加载操作将是一个全新的请求。浏览器将始终询问用户是否要重新提交数据。
To prevent this, you have to redirect the user to another page AFTER the post is formed.
为了防止这种情况,您必须在帖子形成后将用户重定向到另一个页面。
e.g.
例如
- user GETs the form.
- user POSTs the form
- server REDIRECTs user to a new page
- user GETs the new page
- user hits reload
- user GETs the new page again - no POST is performed.
- 用户获取表单。
- 用户发布表单
- 服务器重定向用户到新页面
- 用户获取新页面
- 用户点击重新加载
- 用户再次获取新页面 - 不执行 POST。
回答by Jim
This won't work because the browser is not warning you about the server-side, it's asking for confirmation that it should perform an unsafe action.
这是行不通的,因为浏览器没有警告您有关服务器端的信息,而是要求确认它应该执行不安全的操作。
In most cases, you should be using the POST/Redirect/GET pattern, which does not suffer from this problem.
在大多数情况下,您应该使用POST/Redirect/GET 模式,它不会遇到此问题。
回答by Ali Nawaz Hiraj
its an old post, but i also faced the same problem, so here the easy solution,
这是一个旧帖子,但我也遇到了同样的问题,所以这里有一个简单的解决方案,
create a login.php ==> which post two variables via html form
create a getHome.php ==> which will recieve two variables by $_POST['myvar']; function and put these two posted variables in a session, also echo wrong user n pass here if you like.
create a home.php ==> here you will put the if condition for checking session i.e. if(isset($_SESSION['myvar'])){ display home}else{ header('location: login.php'); *header function will redirect you to login.php iif you acess home.php file directly without logged in.
创建一个 login.php ==> 它通过 html 表单发布两个变量
创建一个 getHome.php ==> 它将通过 $_POST['myvar'] 接收两个变量;函数并将这两个发布的变量放在一个会话中,如果您愿意,也可以在此处回显错误的用户 n 传递。
创建一个 home.php ==> 在这里你将放置检查会话的 if 条件 ie if(isset($_SESSION['myvar'])){ display home}else{ header('location: login.php'); *header 函数会将你重定向到 login.php 如果你没有登录就直接访问 home.php 文件。
its done!!
完成!!
