0

我正在用 PHP 开发一个网站,允许用户注册并输入一些信息,我想给每个用户一个唯一的 URL。当用户登录到他的个人资料时,我只想将用户名传递给 URL(如www.mysite.com/profile.php?user=username),以便以后重写。但是,我正在使用该$_POST方法,我担心如果我$_GET在登录时使用,密码也会传递给 URL。我应该怎么办?

4

4 回答 4

1

There shouldn't really be a problem doing this. You could simply use a POST method that points to a URL with a GET parameter.

So you make a POST request to:

www.mysite.com/profile.php?user={$username}

This way the user variable in the URL doesn't need to be used in the authentication.
Consider this for a simplistic example:

<form method="post" action="/profile.php?username=hasan">
  <input type="text" name="username" value="hasan" />
  <input type="text" name="password" value="********" />
</form>

The URL you are posting to doesn't have to be hard coded either - you could always dynamically add the user name before submitting the form.

于 2013-04-25T22:35:44.433 回答
0

On the link to or redirection you can add 

<a href="profile.php?user=<?php echo $php_variable ?>">Link to the profile</a>

and after you read it (in php file) with $_GET['user']

于 2013-04-25T22:35:36.853 回答
0

由于身份验证可能发生在单独的脚本中,例如login.php,在成功登录后重定向时,只需将用户名附加到配置文件 URL 即可。

header('Location: profile.php?username='.$username);
于 2013-04-25T22:41:21.907 回答
0

Lix 的答案是最好的,也是你应该做的,但假设你没有 login.php 并且出于某种奇怪的原因想要直接进入 profile.php?user 登录,你可以使用这个 javascript:

<script type="text/javascript">
    $(document).ready(function() {
        $("#theForm").submit(function() {
            $(this).attr("action", $(this).attr("action") + $("#usernameInput").val());
            return true;
        });
    });
</script>

你的表格看起来像:

<form action="http://www.mysite.com/profile.php?user=" method="post" id="theForm">
    <input type="text" name="usernameInput" id="usernameInput">
    <input type="password" name="passwordInput" id="passwordInput">
    <input type="submit" name="submit" value="Login">
</form>

然后您的操作将在提交时更改为输入的用户名。但是,您仍然应该有一个重定向到 profile.php?user 的中介 login.php。

于 2013-04-25T23:32:34.040 回答