Request.Form有人能告诉我和之间的确切区别 Request.QueryString吗?
我知道一个区别,比如
如果 HTTP 请求方式为 POST,则用户提交的数据在 Request.Form()集合中
如果 HTTP 请求方法是 GET,则用户提交的数据在 Request.QueryString()集合中
还有什么不同吗?任何例子都将不胜感激。
问问题
51251 次
6 回答
21
InRequest.Form数据发布在http请求正文中,而In 数据QueryString通过 url 发送。
于 2013-12-20T06:04:30.947 回答
14
我发现了一些其他的不同
Request("id")
将首先尝试定位
Request.Form("id")
然后
Request.Querystring("id")
然后
Request.Cookies("id")
最后
Request.ServerVariables("id")
如果可能,建议使用显式命名约定,因为它更有效且更具可读性。它还使您能够确定您的信息来自哪里,因为系统将在第一次命中后停止......它是如果您指定信息的位置,系统也会更快。
我们可以参考这个链接了解更多细节:
但是任何人都知道其他区别,我真的很感激。
于 2013-12-20T06:17:57.807 回答
7
如 MSDN 上所述,
( Request.Form ):Request.Form(element) 的值是请求正文中出现的所有元素值的数组。您可以通过调用 Request.Form(element).Count 来确定参数值的数量。如果一个参数没有关联的多个值,则计数为 1。如果未找到该参数,则计数为 0。
和 ( Request.QueryString ):Request.QueryString(parameter) 的值是 QUERY_STRING 中出现的所有参数值的数组。您可以通过调用 Request.QueryString(parameter).Count 来确定参数值的数量。如果一个变量没有与之关联的多个数据集,则计数为 1。如果未找到该变量,则计数为 0。
所以,有几点需要注意:
在页面上的典型表单中,我们可能会包含一些隐藏元素:
<form method="post">
<input type="hidden" name="lol" value="cat" />
<input type="text" />
</form>
隐藏元素(如果没记错的话)不会显示在QueryString. 所以,我会假设有些东西没有在Request.QueryString. 不幸的是,我正在新机器上重新安装开发应用程序,目前无法对此进行测试,但如果我是对的,当您提交表单时POST,将发送有关表单及其内容的更多详细信息。当您访问 时QueryString,您只会看到构成整个 URL 的内容,例如:
http://somesite.com/index.html?v=1&NonHiddenElement=lol&ManualValue=hello
于 2013-12-20T06:24:55.597 回答
4
Request.Form - 表示您要检索已发布表单的值。
Request.QueryString - 表示您要检索已在查询字符串上传递的值。
于 2013-12-20T06:07:31.107 回答
2
申请表()
- Form 集合检索发布到 HTTP 请求正文的表单元素的值,仅检索表单中存在的那些元素和值。
请求.QueryString()
- QueryString 集合检索 HTTP 查询字符串中的变量值,您可以在此处附加任何自定义变量和值,这些事件在您的表单中不存在。
于 2013-12-20T06:33:45.727 回答
-1
Request.Form 集合
The Form collection retrieves the values of form elements posted to the HTTP request body, with a form using the POST method.
Form input is contained in headers. It is wise to not trust the data that is contained in headers, as this information can be falsified by malicious users. For example, do not rely on data such as cookies to securely identify a user.
As a security precaution, always encode header data or user input before using it. A general method of encoding data is to use Server.HTMLEncode. Alternatively, you can validate header data and user input with a short function such as the one described in Validating User Input to Avoid Attacks. For more detailed information about developing secure Web applications, see chapter 12 of MS Press - Writing Secure Code.
Syntax
Request.Form(element)[(index)|.Count]
Parameters
element
The name of the form element from which the collection is to retrieve values.
index
An optional parameter that enables you to access one of multiple values for a parameter. It can be any integer in the range 1 to Request.Form(parameter).Count.
Applies To
Request Object
Remarks
The Form collection is indexed by the names of the parameters in the request body. The value of Request.Form(element) is an array of all the values of element that occur in the request body. You can determine the number of values of a parameter by calling Request.Form(element).Count. If a parameter does not have multiple values associated with it, the count is 1. If the parameter is not found, the count is 0.
To reference a single value of a form element that has multiple values, you must specify a value for the index parameter. The index parameter may be any number between 1 and Request.Form(element).Count. If you reference one of multiple form parameters without specifying a value for index, the data is returned as a comma-delimited string.
When you use parameters with Request.Form, the Web server parses the HTTP request body and returns the specified data. If your application requires unparsed data from the form, you can access it by calling Request.Form without any parameters.
Request.QueryString 集合
The QueryString collection retrieves the values of the variables in the HTTP query string. The HTTP query string is specified by the values following the question mark (?). Several different processes can generate a query string. For example, the following anchor tag generates a variable named string with the value "this is a sample."
<A HREF="example.asp?string=this is a sample">string sample</A>
Query strings are also generated by sending a form or by a user typing a query into the address box of the browser.
Query strings are contained in request headers. It is wise to not trust the data that is contained in headers, as this information can be falsified by malicious users. For example, do not rely on data such as cookies to securely identify a user.
As a security precaution, always encode header data or user input before using it. A general method of encoding data is to use Server.HTMLEncode. Alternatively, you can validate header data and user input with a short function such as the one described in Validating User Input to Avoid Attacks. For more detailed information about developing secure Web applications, see chapter 12 of MS Press - Writing Secure Code.
Syntax
Request.QueryString(variable)[(index)|.Count]
Parameters
variable
Specifies the name of the variable in the HTTP query string to retrieve.
index
An optional parameter that enables you to retrieve one of multiple values for variable. It can be any integer value in the range 1 to Request.QueryString(variable).Count.
Applies To
Request Object
Remarks
The QueryString collection is a parsed version of the QUERY_STRING variable in the ServerVariables collection. It enables you to retrieve the QUERY_STRING variable by name. The value of Request.QueryString(parameter) is an array of all of the values of parameter that occur in QUERY_STRING. You can determine the number of values of a parameter by calling Request.QueryString(parameter).Count. If a variable does not have multiple data sets associated with it, the count is 1. If the variable is not found, the count is 0.
To reference a QueryString variable in one of multiple data sets, you specify a value for index. The index parameter can be any value between 1 and Request.QueryString(variable).Count. If you reference one of multiple QueryString variables without specifying a value for index, the data is returned as a comma-delimited string.
When you use parameters with Request.QueryString, the server parses the parameters sent to the request and returns the specified data. If your application requires unparsed QueryString data, you can retrieve it by calling Request.QueryString without any parameters.
You can use an iterator to loop through all the data values in a query string.
例如,如果发送以下请求:
于 2013-12-20T06:07:12.040 回答