在 PHP 页面之间传输变量
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/240470/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Transfer variables between PHP pages
提问by chustar
I want to get user input in one page, store that in a php variable and use it in another php page. I have tried using 'sessions' but it doesn't seem to be working. Is there another safe alternative? This information is likely to be usernames and passwords.
我想在一个页面中获取用户输入,将其存储在一个 php 变量中并在另一个 php 页面中使用它。我试过使用“会话”,但它似乎不起作用。还有其他安全的选择吗?此信息可能是用户名和密码。
回答by Ross
Try changing your session code as this is the best way to do this.
尝试更改您的会话代码,因为这是执行此操作的最佳方法。
For example:
例如:
index.php
索引.php
<?php
session_start();
if (isset($_POST['username'], $_POST['password']) {
$_SESSION['username'] = $_POST['username'];
$_SESSION['password'] = $_POST['password'];
echo '<a href="nextpage.php">Click to continue.</a>';
} else {
// form
}
?>
nextpage.php
下一页
<?php
session_start();
if (isset($_SESSION['username'])) {
echo $_SESSION['username'];
} else {
header('Location: index.php');
}
?>
However I'd probably store something safer like a userid in a session rather than the user's login credentials.
但是,我可能会在会话中存储更安全的内容,例如用户 ID,而不是用户的登录凭据。
回答by ZombieSheep
I Agree with carson, sessions should work for this. Make sure you are calling session_start()before anything else on any page you want to use the session variables.
我同意卡森,会议应该为此工作。确保在要使用会话变量的任何页面上的任何其他内容之前调用session_start()。
Also, I would not store password info directly, rather use some kind of authentication token mechanism. IMHO, it is not intrinsicallyunsafe to store password data in a session, but if there is no need to do so, you should probably try to avoid it.
另外,我不会直接存储密码信息,而是使用某种身份验证令牌机制。恕我直言,在会话中存储密码数据本质上并不是不安全的,但如果没有必要这样做,你应该尽量避免它。
回答by Stefan Gehrig
There are several ways:
有几种方式:
- use sessions(but don't forget to call session_start()on every page you'll use the session data store ($_SESSION))
- append your data to the query string of the "next" page ($_GET)
- post your data to the "next" page ($_POST)
- 使用会话(但不要忘记在您将使用会话数据存储($_SESSION)的每个页面上调用session_start())
- 将您的数据附加到“下一个”页面的查询字符串($_GET)
- 将您的数据发布到“下一个”页面($_POST)
The session-way is the only way on which the data does not "leave" the server as it's stored on the server itself. For all other ways mentioned above you have to take care of sanitizing and validating the data on the receiving page.
会话方式是数据不会“离开”服务器的唯一方式,因为它存储在服务器本身上。对于上述所有其他方式,您必须注意清理和验证接收页面上的数据。
The most simple way would be
最简单的方法是
//page1.php
session_start();
$_SESSION['user']='user';
$_SESSION['password']='password';
//page2.php
session_start();
echo $_SESSION['user'] . ' ' . $_SESSION['password'];
回答by Treb
I agree too, sessions are the best solution. See this chapter from Web Database Applications with PHP & MySQLfor some examples.
我也同意,会议是最好的解决方案。有关一些示例,请参阅使用 PHP 和 MySQL 的 Web 数据库应用程序中的本章。
