用PHP人工使網頁過期

上一篇 / 下一篇 2007-12-31 01:06:43 / 個人分類：php

文件版本: V1.0
開發商: 網絡來源
文件來源: 網絡
界面語言: 繁中
授權方式: 免費
運行平台: Win9X/Win2000/WinXP

用PHP人工使網頁過期     detrox [翻譯] 頂客社區 eka$k6B ]qmP
關鍵字  網頁過期，註冊網頁編寫頂客社區2g-a0jw0V8THs
出處  http://www.phpbuilder.net/columns/clark20030702.php3
0M.b]?E:@0 頂客社區x-{3u]#W)hA
Manually Expiring Web Pages頂客社區}+fy&fh3?
人工使網頁過期頂客社區v$TA(}vn(F` zH

作者: Joe Clark頂客社區#T-O2Y,vQu.y
翻譯: detrox

7L fuBDc_X*W:I8~%{X0After going through a series of pages during a registration process, you don't want the user to be able to go back after the final submit. What can you do to manually "expire" those pages, and perhaps display a custom message?頂客社區v6Z Kdq-X@

在填寫完成某註冊過程中的一系列網頁後，你不想用戶能夠在最終提交後回到以前的頁面。你應該怎樣做才能人工地使這些網頁過期，並且如果有可能則給出一條已定制好的消息呢。頂客社區QH;p*V-aw^zu#@W

In this scenario, I didn't want my session to expire as I needed it to continue. Instead, I used an extra session variable to track whether my session was alive or not. There are three main components: (1) the entry script, (2) the Cache-control directive, (3) the conditional check, and (4) manually expiring a portion of the session.

在這一關裏，我不想讓我的session過期，因為我需要它能夠繼續運轉。我使用一個額外的session變數來跟蹤我的session是否為活動的。有三個主要的組件: (1)入口腳本(2)緩存控制指示符(3)條件檢測和(4)人工使一部分session過期。頂客社區"z,B?vm)G7s

THE ENTRY SCRIPT
(RwXu(Zm,hU)mm0入口腳本
8ca+{;|:|hj0w%c e0I use an entry script. to start my session. This accomplishes two things: (1) destroys any session already in progress, and (2) starts a new session.

我使用一個入口腳本來開始我的session.它用來完成兩件事: (1)銷毀任何已經存在於過程中的session，和(2)開始一個新的session.頂客社區p`f)t_

entry.php:頂客社區{${ T^#j sA5D_

<?頂客社區H'`4Y&A'X$^
php session_start(); session_unset(); session_destroy(); session_start(); session_register('alive'); $_SESSION["alive"] = "1"; Header("Location:/php/createaccount.php");?>
B-EUs$eOQM3e3^0In the above script, we start the session, get rid of any registered session variables with session_unset(), and destroy that session with session_destroy(). Then, we start a new session and register a session variable. This particular variable will track whether this portion of the session is alive or not. We set the variable to some value, then we redirect to our first page in the registration series.頂客社區 ?&Z&cT(f@

在上面的腳本中，我們開始session,用session_unset()清除一切已經註冊的session變數，並且用session_destory()來銷毀先前的session。然後，我們開始一個新的session並且註冊一個session變數。這個特定的變數將跟蹤表示這部分session是否為活動的。我們將為變數設置一些值，之後重定向到我們的一系列註冊網頁的第一頁。

CACHE-CONTROL AND CONDITIONAL CHECK頂客社區]W;r9]E7x
緩存控制和條件檢測頂客社區MW9I_y
In the following code snippet, we will auto-detect if the session is still in use.頂客社區.|SZzI AH3@]2^
在下面這段簡短的代碼中，我們將自動檢測session是否仍然正在使用。頂客社區qB`5`F0U,~9G

createaccount.php:

<?頂客社區$D4Sb,X8z:M l
php session_start(); header("Cache-control: must-revalidate"); if ($_SESSION["alive"] != "1") { // User is attempting to go back after the session was destroyed //用戶試圖在session被銷毀前返回 Header("Location:/php/error100.php"); }?>
6uby|-d0The "Cache-control" directive above is very important. Using "must-revalidate" tells the browser that it has to fetch the page from the server again instead of loading if from its cache. Because it reloads the page from the server, it will re-check the $_SESSION["alive"] variable to see if its value is "1". If so, the page can load properly. If not, then we'll redirect the user to another page that contains a custom error message. Placing this script. at the beginning of every page in the registration series will catch every "Back" button press by the user. It's not enough to place it on the last page in the registration series as a user could press the "Back" button more than one time. I have this snippet in createaccount.php, createaccount1.php, createaccount2.php and createaccount3.php.頂客社區;gA"Y,{p-q0I

上面的緩存控制指示符號非常重要。使用"must-revalidate"告訴流覽器應該用從伺服器端讀取網頁而不是使用從流覽器的緩存中讀出。因為從伺服器端重新讀出的網頁將重新檢查$_SESSION["alive"]變數看看他的值是否為1。如果是的則網頁會被正常讀取，如果不是那麼我們將把用戶重定向到一個定制了錯誤消息的網頁。將這段腳本放到註冊系列頁的每一頁的開始，就可以捕獲每一次用戶對"Back"按鈕的點擊。僅把這段腳本放在一系列註冊網頁的最後一頁是不夠的，因為用戶可能不止一次地點擊"Back"按鈕。我把這段內容寫入了createaccount.php, createaccount1.php, createaccount2.php and createaccount3.php.

MANUALLY EXPIRE THE SESSION頂客社區 F;h,O%H]5}&l} hH
人工地使SESSION過期頂客社區G/mNL1I;|
The last thing to do is manually "expire" the session, or at least a portion of it. In my case, I wanted the session to stay alive, so I could not use session_unset() or session_destroy(). However, I didn't want the user to go back to the previous pages and change things. Remember that $_SESSION["alive"] variable? After the final submit, all we have to do is get rid of it. There are two ways to do this:頂客社區C0J,xae3cXc?

最後一件要做的事就是人工地使session過期，或者至少使一部分過期。在這個情況下，我想要session保持活動，因此我不能使用session_unset()或者session_destroy().但無論如何，我不想讓用戶回到前一頁去改變什麼。記得$_SESSION["alive"]變數嗎？我們要做的就是在最後一次提交後擺脫它。有兩個方法可以達到目的頂客社區 o2]4TZ_3K0j

createaccount4.php (the page after the final submit):

<?php session_start(); $_SESSION["alive"] = "0"; ?> or <?php session_start(); session_unregister('alive'); ?>
:V-Op:@|`@$z0Either way will accomplish the same thing. Now, when the "Back" button is pressed, the user won't return the the previous page and be able to change data and resubmit. Instead, they will be redirected to error100.php (or whatever page you choose) and will get a custom error message.

任一方法都可以完成相同的事。現在，當"Back"按鈕被按下，用戶將不能回到前一頁去做資料更改和重複提交。取而代之的是用戶將被重定向到error100.php（或者任何你選用的頁面）並且得到一個已定制的錯誤資訊。頂客社區s3P)`]*qxf

So, the next time you want to stop the user from going back to change data previously entered, and if you want manual control over it, use this method. Just remember that the entry script. sets the session variable to the "alive" state, and the exit script. (right after your final submit during the process) sets the session variable to a "not alive" state. The "Cache-control: must-revalidate" forces the browser to reload the page from the server, and the "alive" check is performed. Redirection to a custom page occurs when the session variable is not "alive".頂客社區n]:M3s'E

因此，下次當你想阻止用戶返回前一頁改變以前輸入的資料時，如果你想人工的控制它，就是用這個方法吧。記住使用入口腳本設置session變數到"alive"狀態，使用出口腳本(在處理過程中最終提交動作的後面）設置session變數到"not alive"狀態。"Cache-control: must-revalidate"強迫流覽器從伺服器端重新讀取網頁，並且實施"alive"檢測。當session變數不再為"alive"時，重定向到一個定制頁。