用户发布表单后在屏幕上显示字段而不返回数据库的最佳方式是什么?
我有 3 个数据数组,用于填充屏幕上的某些字段。 当用户发布表单(与数组中包含的数据无关)时,我想再次在屏幕上显示数组数据,但在页面重新加载时不从数据库中检索它。 临时存储这些值的最佳方法是什么?
我正在考虑将它们存储在会话中,这是不好的做法吗? 有没有更好的方法,也许将它们作为隐藏的表单值传递?
I have 3 arrays of data that are used to populate some fields on screen. When a user posts the form (unrelated to the data contained in the arrays) I want to display the array data on screen again, but without retrieving it from the database when the page reloads. What's the best way to temporarily store these values?
I was thinking of storing them in the session, is that bad practice? Is there a better way, perhaps passing them as hidden form values?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
另一种选择可能是序列化数组并将其保存到临时文件中。
关于问题会话与隐藏表单字段:表单字段的缺点是黑客可以在 HTML 源代码中看到它并滥用它。 因此,您必须进行一些额外的检查,以查看表单字段是否有效。
会话和序列化的问题在于,如果用户在完成整个过程之前离开网站,则信息将存放在服务器上。
最后一件事:你没有写出这些数组有多大。 如果这 3 个数组中的每一个都有数千个条目,那么序列化可能是比会话和表单字段更好的选择。
也许会话就是您所需要的。 但其他事情也应该考虑在内。
Another option could be to serialize the array and save it into a temporary file.
About the question session vs. hidden form fields: The disadvantage of the form fields is that hackers could see it in the HTML source code and misuse it. So you would have to do some extra checks to see if the form fields are in any way valid or not.
The problem with session and serialize is, that the information would be laying around on the server if the user is moving away from the website before he finished the whole process.
And the last thing: You are not writing how large those arrays are. If each of those 3 arrays have several thousand entries then serialize could be a better option than the session and form fields.
Probably sessions is what you need. But the other things should be taken into account too.
在表单中生成一组隐藏输入。 然后你就可以从帖子中阅读它们。
Generate a set of hidden inputs in the form. Then you can just read them from the post.
听起来像是会话的完美使用。 我只是要小心地确保您在数据库函数中进行了正确的错误处理,因为您绝对不想误导用户认为数据已保存,而实际上存在错误。
Sounds like a perfect use of session. I'd just caution to make sure that you have proper error handling in the database function, because you definitely don't want to mislead a user into thinking the data was saved, when there was actually an error.