PHP Works Local (XAMPP - PHP 5.5.33) but does not work on Server (PHP 5.5.31)

Asked

Viewed 547 times

2

I’m making an API, and locally it’s perfect. The problem is when I test it on the server.

I created it in a subdomain, example: http://api.dominio.com And I’m testing in another subdomain: http://teste.api.dominio.com

Locally the addresses are like this:

API: http://localhost/api/public_apiv1 Testing: http://localhost/api/public_apiteste

Note: The folder structure is the same on the server. When I make an invalid request locally the API returns me a structure like this:

{
   "error": 401,
   "message": "Permissão negada."
}

But when I test on the server AJAX does not return anything, only the following error appears on the console:

Erro no console

Before I was redirecting to the Controller and Action of error:

self::$controller->request->redirect(Route::href('error/unauthorized'));

So I thought redirects didn’t work with AJAX requests, so I changed the structure to print the result of Controller and Action:

exit(self::$controller->controller('Error', 'unauthorized'));

But it continued the same way.

I already put to the server to print the errors:

ini_set('display_startup_errors',1);
ini_set('display_errors',1);
error_reporting(E_ALL);

And to accept CORS requisitions:

header('Access-Control-Allow-Origin: *');

But nothing is returned from the server.

UPDATE

My application runs the following code:

public static function validateAccess() {

   if (!self::validateApplication()) {
      exit('Está entrando aqui');
      self::$controller->request->redirect(Route::href('error/unauthorized'));
   }

}

The exit above is displayed, if I remove it and place it in the Redirect Controller, it is no longer displayed:

class ErrorController extends Controller {
   public function unauthorized(){
      exit('unauthorized');
      return self::returnError('Unauthorized');
   }
}

The method redirect has the following code:

public function redirect($params = NULL){

   if (empty($params))
      return $this->header('Location: ' . Route::href());

   if (is_string($params))
      return $this->header('Location: ' . $params);

   if (is_array($params)){

      $controller = empty($params['controller']) ? 'main' : $params['controller'];
      $action = empty($params['action']) ? 'index' : $params['action'];

      return $this->header('Location: ' . Route::href("{$controller}/{$action}"));
   } else 
      return $this->header('Location: ' . Route::href());

   exit;
}

public function header($content) {
   header($content);
}
  • @rray according to the attached image the problem is yes with Cors: Motivo: a pré-conexão CORS falhou

  • 1

    @rray is where the problem is, there is no error. About the Cors I already added the header header('Access-Control-Allow-Origin: *');

  • That’s exactly what I was suspecting, minus a chance.

  • Actually your server is Softlayer?

  • No, it is Ycorn...

  • A while ago, in a simple application, I received an error similar to yours. I don’t know if it applies to your case, but the problem was some security guidelines applied to the server firewall, I can’t tell you exactly what it was.

  • The server is not rejecting the requests, but the following is happening, when I try to redirect is aborting the request.

  • @rray updated the question with some code snippets...

  • @Marcelodeandrade updated the question with some code snippets...

  • I did several tests and the code is running until the time of redirection, but nothing runs after that. AJAX requests are not redirected?

  • Where exactly did you add header('Access-Control-Allow-Origin: *');? When redirecting occurs the next page will also need CORS. Something else, using ob_start somewhere?

  • William, I’m using Allow-Origin right at the beginning of script, and since it is an MVC, all requests have Allow-Origin. I am using ob_start. only when loading the view. I talked to a college professor and he commented that this could be a default setting for browsers, where a request cross-Domain cannot be redirected for security reasons.

Show 7 more comments

2 answers

3


After several tests I found that redirecting does not work with Ajax requests, probably for some security reason, when the browser gets the code 301 redirect it already stops the request.

The solution found was to terminate the execution of script with the Controller to which it would redirect:

exit(self::$controller->controller('Error', 'unauthorized'));

1

It’s been a long time, but it’s for those who enter in the future. By default browsers block cross Domain requests, and that’s what happened to you.

You requested in api.Domain and it was in test.api.Domain.

An alternative to allowing ajax cross Domain requests is to use jsonp instead of json. jsonp is very similar to json with the difference that it is encapsulated in a function and when it arrives at the browser it runs to get the data. This type of data browsers allow cross Omain.

Usually when building an api that returns jsonp it is convenient to allow the client to send in the body of the request as a parameter the padding name example:

http://api.domain/users/3?jsonp=foo

the return will be something like:

foo({"Name": "Otto", "Id" : 3, "Age": 30});

This way the client can determine what it needs for the correct parse.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.