[英]No 'Access-Control-Allow-Origin' Header In jQuery Ajax Login
I have a Login Page called login.php
which is in the main first root level and users.php
which is in assets/app/users.php
. 我有一个名为
login.php
的登录页面,它位于主要的第一根目录下,而users.php
则位于assets/app/users.php
。 I am using jQuery ajax to do the login process. 我正在使用jQuery ajax来执行登录过程。 In the JS part of
login.php
I have: 在
login.php
的JS部分中,我有:
if(loginProceed){
var data = {email: loginEmail, pass: loginPass};
var loginreq = $.ajax({
type: "POST",
url : "assets/app/users.php",
cache: false,
data: data
});
loginreq.done(function(html) {
if(html=='true'){
window.location.replace('app.php'); }
else {
$("#loginRequest").before('<div class="alert alert-danger err" role="alert">Email or Password Is Not Correct</div>');
}
});
}
e.preventDefault();
});
and in users.php
I have 和在
users.php
我有
<?php
header('Access-Control-Allow-Origin: *');
session_start();
include 'config.php';
$email = $_POST['email'];
$pass = $_POST['pass'];
$conn = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_DATABASE);
$sql = "SELECT id, email, fname, lname, type FROM users WHERE `email`=? AND `pass`=?";
$stmt = $conn->prepare($sql);
$stmt->bind_param('ss', $email,$pass);
$stmt->execute();
$stmt->bind_result($theId,$theEmail,$theFName,$theLname,$theType);
if ($stmt->fetch()) {
echo 'true';
$_SESSION['LOGIN_STATUS'] = true;
$_SESSION['fname'] = $theFName;
} else {
echo 'false';
}
Now this is doing the Login process for me in all browsers but for some other users it ONLY works on Chrome! 现在,我正在所有浏览器中执行登录过程,但对于其他一些用户,它仅可在Chrome上运行! or even on none of them and we are getting theses errors in console:
甚至没有一个,我们在控制台中遇到了这些错误:
login.js:74 Object login.php:1 XMLHttpRequest cannot load http://domain.ca/login.php .
login.js:74对象login.php:1 XMLHttpRequest无法加载http://domain.ca/login.php 。 No 'Access-Control-Allow-Origin' header is present on the requested resource.
所请求的资源上没有“ Access-Control-Allow-Origin”标头。 Origin ' http://www.domain.ca ' is therefore not allowed access.
因此,不允许访问源“ http://www.domain.ca ”。
or on FireFox 或在FireFox上
Password fields present on an insecure (http://) page.
不安全(http://)页面上显示的密码字段。 This is a security risk that allows user login credentials to be stolen.[Learn More] "SensorNotRequired: https://developers.google.com/maps/documentation/javascript/error-messages " util.js:30:57
这是一种安全风险,使用户的登录凭据被盗。[了解更多]“ SensorNotRequired: https : //developers.google.com/maps/documentation/javascript/error-messages ” util.js:30:57
and on EI 和EI
SCRIPT7002: XMLHttpRequest: Network Error 0x4c7, The operation was canceled by the user.
SCRIPT7002:XMLHttpRequest:网络错误0x4c7,该操作已被用户取消。
Can you please let me know why this is happening? 您能告诉我为什么会这样吗?
Try to allow single domain 尝试允许单个域
header('Access-Control-Allow-Origin: http://www.domain.ca');
or try modify .htaccess with Header set Access-Control-Allow-Origin "*"
enter link description here 或尝试使用
Header set Access-Control-Allow-Origin "*"
Access.Control Header set Access-Control-Allow-Origin "*"
修改.htaccess, 在此处输入链接描述
Look like your script is loaded from domain.ca ( without www ) but you or other user making request to php from www.domain.ca 看起来您的脚本是从domain.ca(不带www)加载的,但是您或其他用户从www.domain.ca向php请求
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.