> 백엔드 개발 > PHP 튜토리얼 > A Viewstate for PHP

A Viewstate for PHP

WBOY
풀어 주다: 2016-06-23 14:36:21
원래의
927명이 탐색했습니다.

One of ASP.net’s most attractive features is the viewstate. It is a convienent way to store arbitrary data in a persistent mechanism. In fact, it’s rather like PHP’s $_SESSION array.

There is, however, one difference. $_SESSION is unique to a user but is reused across pages. With only one window to your website, the two preform the same function. But if a user has multiple tabs or windows, $_SESSION can change in between what would otherwise be two successive page loads.

The viewstate has two functions:

Storing properties for controls and forms, Storing arbitrary data

The viewstate is responsible for ensuring a red label is still red (and doesn’t default back to black) between page loads. Controls and forms manage this transparently from the developer (excluding a non-obtrusive ViewState property on controls). There is also a viewstate on the page object. It will act like a dictionary, allowing you to save arbitrary data to it.

The viewstate is a magical thing, and it achieves that through indirection. It is what separates a browser form submission from a user actually preforming an action. Prado and Fortitude both duplicate this functionality in PHP.

For a full example, take a look at Fortitude Form’s code. But for today’s purposes, I just wanted to demonstrate how to create a simple viewstate in PHP.

<?phpif (array_key_exists ("viewstate", $_POST)) {$viewstate = unserialize (base64_decode ($_POST["viewstate"]));$viewstate->count++;} else {$viewstate = new stdObject;$viewstate->count = 0;}?><html><body>Page-load count: <?=$viewstate->count;?><form method="post" action="?"><input type="hidden" value="<?=base64_encode(serialize($viewstate));?>" name="viewstate" /><input type="submit" value="Increment" /></form></body></html>
로그인 후 복사

It preforms very similarily to $_SESSION. Although I used an object, it works just as well with an array. But it accomplishes a separate scope for each page. Frequently in PHP, pagination results are placed in $_SESSION, but that means only one set can be used at a time without butchering the rest. In a page scope, any manipulations can be done at will. And that exposes the real difference between the two: global things, like login operation or options, should be set in $_SESSION. Local, page-level or temporary things should be set in the page’s viewstate. Opening two or three or even one hundred twenty copies of that script will maintain that many instances of $viewstate->count. $_SESSION maintains only one.

Note that the security problems the ExtremeExperts article mentions are just as true with PHP as ASP.net. A manipulative user could set viewstate to a custom crafted value and disrupt the applications expectations. But that just means judicious amounts of validation are required before consuming viewstate on postbacks. Both ASP.net and PHP’s viewstate can be made secure.

관련 라벨:
원천:php.cn
본 웹사이트의 성명
본 글의 내용은 네티즌들의 자발적인 기여로 작성되었으며, 저작권은 원저작자에게 있습니다. 본 사이트는 이에 상응하는 법적 책임을 지지 않습니다. 표절이나 침해가 의심되는 콘텐츠를 발견한 경우 admin@php.cn으로 문의하세요.
인기 튜토리얼
더>
최신 다운로드
더>
웹 효과
웹사이트 소스 코드
웹사이트 자료
프론트엔드 템플릿