0 
$apply_id=1111;

if(isset($_COOKIE['apply'])){
    $apply_cookie=$_COOKIE['apply'];
    @$apply_cookie=gzuncompress($_COOKIE['apply']);}
else{$apply_cookie=array();}

$apply_cookie = @explode(',', $apply_cookie);
if($apply_cookie === false){$apply_cookie = array();}
else{
    $count=count($apply_cookie);
    for($n=0; $n<$count; $n++){
        if(!is_numeric($apply_cookie[$n])){unset($apply_cookie[$n]);}
    }   
}

//HAVE COOKIE
if(@in_array($apply_id, $apply_cookie)==TRUE){
    echo "COOKIE=TRUE<BR>";
    print_r($apply_cookie);
}
else{
    //NO COOKIE,DB HAVE RECORDED
    $db=TRUE; //QUERY HERE,SET TRUE OR FALSE FOR NOW
    if($db==TRUE){
        echo "COOKIE=FALSE; DB=TRUE";

        $apply_cookie[]=$apply_id;  
        $apply_cookie=implode(',', $apply_cookie);
        $apply_cookie=gzcompress($apply_cookie);    
        setcookie("apply", $apply_cookie, time()+3600*24*60);

    }
    else{
        //NO COOKIE,NO RECORDED
        echo "COOKIE=FALSE, DB=FALSE";

        $apply_cookie[]=$apply_id;
        $apply_cookie=implode(',', $apply_cookie);
        $apply_cookie=gzcompress($apply_cookie);    
        setcookie("apply", $apply_cookie, $apply_cookie, time()+3600*24*60);
    }
}

我设置了一个cookie来检查用户是否已被应用。如果cookie有记录。它将跳过查询。如果没有 cookie 或没有记录,则查询 db 并更新 cookie。

gzcompress(使它更小)-> explode(数组)-> is_number(只允许数字)-> in_array(检查它是否存在)

这足够安全吗?(我serialize以前用过,但是好像有点不安全)

只检查cookie记录是否存在,如果没有则查询并更新cookie

4

1 回答 1

2

更好的解决方案是:

<?php

$apply_id = 1111;

switch (true) {

case !isset($_COOKIE['apply']):
case ($apply_cookie = @gzuncompress($_COOKIE['apply'])) === false:
case !is_array($apply_cookie = json_decode($apply_cookie)):
    $apply_cookie = array();
    break;
default:
    $tmp = array();
    foreach ($apply_cookie as $c) {
        if (is_string($c) && is_numeric($c)) {
            $tmp[] = $c;
        }
    }
    $apply_cookie = $tmp;
}

if (in_array($apply_id, $apply_cookie)) {
    // HAVE COOKIE
    echo 'COOKIE = TRUE<br />'.PHP_EOL;
    echo nl2br(print_r($apply_cookie, true));
} else {
    $db = true;
    // HAVE NO COOKIE
    if ($db) {
        // HAVE RECORDED
        $apply_cookie[] = $apply_id;
        setcookie('apply', gzcompress(json_encode($apply_cookie)), time()+3600*24*60);
        echo 'COOKIE = FALSE, DB = TRUE<br />'.PHP_EOL;
    } else {
        // HAVE NO RECORDED
        $apply_cookie[] = $apply_id;
        setcookie('apply', gzcompress(json_encode($apply_cookie)), time()+3600*24*60);
        echo 'COOKIE = FALSE, DB = FALSE<br />'.PHP_EOL;
    }
}

注意:您必须setcookie在任何输出之前。

于 2013-06-23T06:26:47.057 回答