我有一个脚本,它需要对数组进行洗牌,然后将它们存储到一个 cookie 中,这样用户只会对数组进行一次洗牌。
这是脚本:
$shufflecookie = $_COOKIE['shuffle'];
if (isset($_COOKIE['shuffle'])) {
$items = unserialize(gzuncompress(base64_decode($shufflecookie)));
}
else {
shuffle($items);
$items_serialized = base64_encode(gzcompress(serialize($items)));
setcookie("shuffle", $items_serialized, 0, "/");
}
这样做安全吗?或者也许有更好的方法来存储这些数据?谢谢
UPD。感谢您的帮助。我所做的只是用会话替换cookie。所以新代码是:
$shufflecookie = $_SESSION["shuffle"];
if (isset($_SESSION["shuffle"])) {
$items = unserialize(gzuncompress(base64_decode($shufflecookie)));
}
else {
shuffle($items);
$items_serialized = base64_encode(gzcompress(serialize($items)));
$_SESSION["shuffle"] = $items_serialized;
}