php request/post/get/session expiration
I know a SESSION can expire but what about $_REQUEST/$_POST/$_GET variables?
My question is, I have users that submit information a开发者_运维技巧nd I need to set a Id for that information before I insert it into a database. Now I thought about using a SESSION but the problem is if the session expires before the user has submitted the information to the database they loose the Id I need. Would passing it the $_REQUEST/$_POST/$_GET variable(s) be a better solution or should I just use a variable and readjust the script?
Also I was using SESSION as it's very easy to call from inside a function without passing it in.
function setInfo() {
// no need to pass I can call from within
$Id = $_SESSION['Id'];
}
Is this good practice?
EDIT: Would this be better as a cookie?
My first question would be, are you not able to insert a row and retrieve a auto-incrementing ID with @@IDENTITY?. you can't really "Store" data in $_REQUEST, $_POST or $_GET, that data is only there from when the client submits a page, form, link request to the server to when you finish and send to output the resulting page. Either way, you would most likely use the $_SESSION space to store the info that needs to be carried to other pages.
You can use a hidden field in the form, and store the the value of hidden field in database ("maybe or very probably" you will need a separate table for this). When user submits the form you check that the submitted value for hidden var exists in the database.
When the request from particular value is processed, delete it from database.
精彩评论