[英]Reason for checking if $_SERVER['REQUEST_METHOD'] == 'POST'?
I've searched about a dozen answers on here relating to: 我在这里搜索了有关以下内容的十几个答案:
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
}
Yet I still haven't found an answer to why . 然而,我仍然没有找到一个答案, 为什么 。
Why is this done if we've already set the <form method="post">
? 如果我们已经设置了
<form method="post">
为什么要这样做?
Doesn't that mean that it's the only form method here? 这不是说这是这里唯一的表单方法吗?
If the user comes from the previous form then the request method is POST indeed. 如果用户来自以前的表单,则请求方法的确是POST。 But anyone can make a request to your server, for example via CURL or a custom program.
但是任何人都可以例如通过CURL或自定义程序向您的服务器发出请求。 There is no stopping people making random request to your pages.
没有停止的人会随机请求您的页面。
Therefore you cannot be sure that the request method on the server is indeed POST, and all data is present. 因此,您不能确定服务器上的请求方法确实是POST,并且所有数据都存在。
In another context it can be used to check if the form has actually been submitted. 在另一种情况下,它可以用于检查表单是否已实际提交。 For example:
例如:
<?php if($_SERVER['REQUEST_METHOD'] == 'POST') { ?> <!-- The server has recieved something via POST! -->
Thank you for submitting the form!
<?php } else { ?> <!-- No postdata, lets show the form! -->
<form method='POST'> <!-- By setting the method we ask that the client does a post request. -->
<input type='submit' />
</form>
<?php } ?>
There are two ways you can send forms from the client to the server: GET
and POST
. 您可以通过两种方式将表单从客户端发送到服务器:
GET
和POST
。 They are defined in RFC 2616 (HTTP) , but the difference you can directly see is that GET
gets displayed in the URL and POST
doesn't. 它们在RFC 2616(HTTP)中定义,但是您可以直接看到的区别是
GET
显示在URL中,而POST
未显示。
Keep in mind that this is only for the browser on the client side to decide which way they send content to the server. 请记住,这仅由客户端的浏览器决定它们将内容发送到服务器的方式。
Regarding $_SERVER['REQUEST_METHOD']
: 关于
$_SERVER['REQUEST_METHOD']
:
Which request method was used to access the page;
使用哪种请求方法访问页面; ie 'GET', 'HEAD', 'POST', 'PUT'.
即“ GET”,“ HEAD”,“ POST”,“ PUT”。
Note: PHP script is terminated after sending headers (it means after producing any output without output buffering) if the request method was HEAD.
注意:如果请求方法是HEAD,则在发送标头后终止PHP脚本(这意味着在产生任何输出而没有输出缓冲之后)。
One reason why you might want to use 您可能想使用的原因之一
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
}
might be to check if a form was submitted. 可能是检查表单是否已提交。 But keep in mind: People can send
POST
requests without actually using your form! 但请记住:人们可以发送
POST
请求,而无需实际使用您的表单! So you have to check the other data anyway. 因此,您仍然必须检查其他数据。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.