PHP将POST数据发送到重写的URL
我有一个正在开发的页面,位于PHP将POST数据发送到重写的URL,php,.htaccess,url,post,url-rewriting,Php,.htaccess,Url,Post,Url Rewriting,我有一个正在开发的页面,位于mysite.com/page 在此页面上,用户可以输入用户名和密码: <form method="post"> <div class='form-group'> <label for='username'>Username</label> <input class='form-control' id='spreadsheet-form-username' name='use
mysite.com/page
在此页面上,用户可以输入用户名和密码:
<form method="post">
<div class='form-group'>
<label for='username'>Username</label>
<input class='form-control' id='spreadsheet-form-username' name='username' placeholder='Username'>
</div>
<div class='form-group'>
<label for='password'>Password (optional - required to edit)</label>
<input type='password' class='form-control' name='password' id='spreadsheet-form-password' placeholder='Password'>
</div>
<button type='submit' class='btn btn-default'>Submit</button>
</form>
但是,在重写URL时,我似乎无法获取$_POST[“password”]数据。它仅在URL重写之前可用
我不一定需要能够发送密码,但我希望能够发送一些信息,让我知道该页面应该是可查看的还是可编辑的。我也不能通过URL发送它(例如:mysite.com/page/exampleUser/edit
),因为我不希望用户仅仅通过更改URL就能编辑其他用户的数据
以下是我如何处理url重写:
// Trim leading slashes
$path = ltrim($_SERVER['REQUEST_URI'], '/');
// Split url on slashes
$elements = explode('/', $path);
if ($elements[0] == "page" && sizeof($elements) == 1) {
// do nothing, there wasn't a username submitted
}
else {
switch(array_shift($elements))
{
case 'page':
echo "username: " . $elements[1];
echo "password: " /* not sure what to put here*/;
break;
default:
header("/404.php");
break;
}
}
和我的.htaccess
:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^\.]+)$ $1.php [NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ 404.php [L]
任何帮助都将不胜感激 您可以在会话中存储密码和某种标识符。在下面的示例中,我使用了
uniqid()
来生成密钥。您可以安全地将此ID放入重定向URL中
稍后,您可以检查ID并使用会话中存储的密码(如果匹配)
// Remove if session is already started at this point
session_start();
$mode = "view";
if (isset($_POST["password"])) {
if (hashOfPassword matches password submitted) {
$mode = "edit";
}
}
if (isset($_POST["username"])) {
$username = $_POST["username"];
$passwordId = uniqid();
$_SESSION['spreadsheetPasswordId'] = $passwordId;
// Password should be hashed before writing it to session.
$_SESSION['spreadsheetPassword'] = $_POST["password"];
header("Location: /spreadsheet/" . $username . "/" . $passwordId);
}
后来
// Remove if session is already started at this point
session_start();
// Trim leading slashes
$path = ltrim($_SERVER['REQUEST_URI'], '/');
// Split url on slashes
$elements = explode('/', $path);
// we need at least three elements
if ($elements[0] == "page" && sizeof($elements) < 3) {
// do nothing, there wasn't a username submitted
}
else {
switch(array_shift($elements))
{
case 'page':
echo "username: " . $elements[1];
echo "password: " . (
$_SESSION['spreadsheetPasswordId'] == $elements[2] ?
$_SESSION['spreadsheetPassword'] :
'Access key is invalid or has expired.');
break;
default:
header("/404.php");
break;
}
}
//如果此时已启动会话,则删除
会话_start();
//修剪前导斜线
$path=ltrim($\u服务器['REQUEST\u URI'],'/');
//在斜杠上拆分url
$elements=分解(“/”,$path);
//我们至少需要三个要素
如果($elements[0]=“page”&&sizeof($elements)<3){
//不执行任何操作,未提交用户名
}
否则{
开关(阵列移位($elements))
{
案例“第页”:
echo“用户名:”.$elements[1];
回显“密码:”(
$\会话['spreadsheetPasswordId']==$elements[2]?
$\会话['spreadsheetPassword']:
“访问密钥无效或已过期。”);
打破
违约:
标题(“/404.php”);
打破
}
}
您可以启动会话
,在URL重写之前确认密码,并为会话提供某种“授权”,然后在URL重写之后进行检查。
// Remove if session is already started at this point
session_start();
// Trim leading slashes
$path = ltrim($_SERVER['REQUEST_URI'], '/');
// Split url on slashes
$elements = explode('/', $path);
// we need at least three elements
if ($elements[0] == "page" && sizeof($elements) < 3) {
// do nothing, there wasn't a username submitted
}
else {
switch(array_shift($elements))
{
case 'page':
echo "username: " . $elements[1];
echo "password: " . (
$_SESSION['spreadsheetPasswordId'] == $elements[2] ?
$_SESSION['spreadsheetPassword'] :
'Access key is invalid or has expired.');
break;
default:
header("/404.php");
break;
}
}