1

我需要检测用户刚刚单击的位置 - 因为我的 AJAX 内容需要根据要插入的源页面以不同方式显示。

如果要进入 about.php,它只需要是数据,但如果要进入 about-main.php,它需要是整个中间列,因此需要围绕数据的页眉/页脚包装器。

通过 AJAX 调用的 html 保存在一个 php 页面中,该页面使用此代码来查看谁在询问,然后适当地格式化 HTML 响应。

$array[] = "/cf/about.php";
$array[] = "/cf/about/about-main.php";
$array[] = "/cf/about/other-page.php";


$ispage = "";
foreach ($array as $value) {
    if ($_SERVER['HTTP_REFERER'] != $value) {
        $ispage = "";
    } else {
        $ispage = "woot";
    }
}
if ($ispage == "woot") {
        echo $content;
    } else {
        include_once 'about-header.php';
        echo $content;  
        include_once 'about-footer.php';
}

问题是...... HTTP_REFERER 似乎有点命中注定。当我在网络上工作时它工作得很好,但我已经在家里的电脑上尝试过它显然完全无法工作 - 结果太可怕了:o

还有另一种方法可以实现这一目标吗?我想可以使用会话变量,但我没有太多经验!

任何和所有提示/提示都表示赞赏;)谢谢!

编辑:

该页面实际上是一个员工资料页面。它的正常位置是 about.php,第二列 div 显示一个缩略图网格,单击该网格时,通过 AJAX 在该位置加载配置文件。所有漂亮而简单的 - 后退按钮重新加载照片网格。

问题是,每个工作人员还需要一个静态页面。我在 about/staff-name.php 创建了这些。内容是一样的。我希望服务器检测是否有人直接访问了 about/staff-name.php,如果是,请在其周围加上页眉/页脚。

如果请求来自照片网格(即 AJAX),则不需要页眉/页脚包装器。

明白了吗?:o

1) 如果 AJAX 请求 - 没有包装器 2) 如果不是 AJAX 请求 - 添加页眉/页脚包装器

4

4 回答 4

3

Wouldn't it be easier to just pass a flag in your AJAX call to tell the script which type of content to display?

Edit:

So about/staff-name.php displays the content. Call it via AJAX as about/staff-name.php?FromAjax=1

Then in the about/staff-name.php file:

if (isset($_REQUEST['FromAjax']) ) {
    echo $content;
} else {
    include_once 'about-header.php';
    echo $content;  
    include_once 'about-footer.php';
}
于 2009-07-27T10:30:18.947 回答
3

No matter what, the Referer is not an information you should base your whole website upon : it is sent by the client, which means (at least) :

  • the client does not necessarily have to send it
    • it can be disabled in the browser
    • some firewall / antivirus remove it
  • it can be forged / altered (an easy way with firefox is to use an extension to do that)

You definitly must find a better/saffer/more reliable way to do what you need.

One solution (which you already discarded) would be to pass an additionnal information in all your links, saying which page the request comes from. In my opinion, this would probably be the best thing to do...

Maybe a simpler way would be to add a parameter to your Ajax request, saying where it comes from ? ie, instead of relying on the Referer in the PHP script, just have a look at a parameter in the request, which would act as some "kind of referer", but put by you ?

It will not be more secure (users could still forge request, with that parameter), but, at least, it would not be disabled / modified (except if the user does it by hand)


In the end, you also say this :

1) If AJAX request - no wrapper
2) If not AJAX request - add header/footer wrapper

Well, if it's only a matter of determining if the PHP script was called through an Ajax request, here too, two solutions :

  • Add a parameter to the Request when it's done through Ajax (you only add this parameter in the JS script doing the request ; and when the parameter is here, PHP knows it's an Ajax request)
  • Or, in the PHP script, look for an X-Requested-With HTTP header, which is often here with the value XMLHttpRequest when a request is made through an Ajax call. (But you should check that it's set with your JS Framework / or maybe it depends on the browser -- not sure about that :-( )
于 2009-07-27T10:52:54.923 回答
1

为什么不直接在服务器上创建静态页面而不使用 ajax,包括页眉和页脚以及配置文件位?如果页面是静态的,则不需要使用 javascript 加载内容。

如果您确实需要使用 javascript 加载它,那么 Vex 的解决方案很好。您可以在 ajax 调用中传递一些可选参数来控制页面的呈现方式 - 这样,包含的页面不需要知道使用它的页面,它只需要了解告诉它如何呈现的参数本身。然后,您将来可以更轻松地重复使用它。

但是,我确实注意到您的代码中有一个错误-这可能无法按预期工作:

$ispage = "";
foreach ($array as $value) {
    if ($_SERVER['HTTP_REFERER'] != $value) {
        $ispage = "";
    } else {
        $ispage = "woot";
    }
}

如果页面名称匹配,但下一个不匹配,则 $ispage 将设置回 ''。你可能最好做类似的事情:

$ispage = "";
foreach ($array as $value) {
    if ($_SERVER['HTTP_REFERER'] == $value) {
        $ispage = "woot";
        break;
    }
}

或者

$ispage = '';
if (in_array($_SERVER['HTTP_REFERER'], $array)) {
    $ispage = 'woot';
}
于 2009-07-27T10:53:50.773 回答
0

大苦丁——

如果您像这样格式化链接:

<a href="http://www.this-is-a-link.html?setvariablehere=yes">link</a>

那么php只需要这样:

if (isset($_REQUEST['setvariablehere']) ) {
    do something for when variable IS set
} else {
    do something for when variable IS NOT set
}
于 2009-08-10T08:09:30.303 回答