
How to detect ajax call inside php function

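I am trying to build a user authentication system. To protect a page, I first check the login status using the userIsLoggedIn() function; if the user is not logged in, the login form is displayed. The login form data is posted using ajax to the accessControl.php script. The ajax request starts but never completes. In Chrome devtools the ajax request is shown as pending.

What is wrong here...

If I replace the ajax part with a simple POST request, the php script works fine after making the necessary changes.

(Please recommend some good resources for learning Ajax.)

On the protected page: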

if(!userIsLoggedIn()){
    require_once $_SERVER['DOCUMENT_ROOT'] . '/includes/loginForm.php';
    exit();
}

The form:

<form class="form-signin" id="logInForm">
                <p id="returnMsg"></p>
                <input type="text" name="username" id="username" class="form-control" placeholder="Username" required autofocus>
                <input type="password" name="password" id="password" class="form-control" placeholder="Password" required >
                <input type="hidden" name="tokenLogInForm" id="tokenLogInForm" value="<?php if(isset($_SESSION['tokenLogInForm'])) { echo htmlout($_SESSION['tokenLogInForm']); } ?>">

                </form>
                <button class="btn btn-lg btn-primary btn-block" id="logInButton">
                    Log in</button>

jQuery script:

$(document).ready(function(){
    $("#logInButton").click(function(e){

            var logInFormData = $("#logInForm").serialize();

            $.ajax({
                type: 'post',
                data: logInFormData,
                url: 'http://localhost/includes/accessControl.php',
                beforeSend: function(){
                    $("#logInFromSpinner").show();
                },
                conplete: function(){
                    $("#logInFromSpinner").hide();
                },
                success: function(data, status) {
                    console.log(data);
                },
                error: function(jqXHR, textStatus){
                    console.log(textStatus);
                }

            });
    });
});

accessControl.php script:

<?php
if(session_status() === PHP_SESSION_NONE) {
    session_start();
}
if(!isset($_SESSION['tokenLogInForm']) && empty($_SESSION['tokenLogInForm'])) {
    $_SESSION['tokenLogInForm'] = base64_encode(openssl_random_pseudo_bytes(32));
    session_regenerate_id(TRUE);
} 

function userIsLoggedIn()
{
    if(isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest')
    {   
        $userName = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_SPECIAL_CHARS);
        $passWordRaw = filter_input(INPUT_POST, 'password', FILTER_SANITIZE_SPECIAL_CHARS);
        $passWord = md5($passWordRaw . 'M@there__ing@<7^9>');
        if(databaseContainsUser($userName, $passWord))
        {   
            if(session_status() === PHP_SESSION_NONE) {
                session_start();
            }
            session_regenerate_id(TRUE);
            $_SESSION['loggedIn'] = TRUE;
            $_SESSION['userName'] = $userName;
            $_SESSION['passWord'] = $passWord;
            $_SESSION['tokenLogInForm'] = base64_encode(openssl_random_pseudo_bytes(32));
            return TRUE;
        }
        else
        {
            if(session_status() === PHP_SESSION_NONE) {
                session_start();
            }
            session_regenerate_id(TRUE);
            unset($_SESSION['loggedIn']);
            unset($_SESSION['userName']);
            unset($_SESSION['passWord']);
            if(isset($_COOKIE[session_name()])) {
                setcookie(session_name(), '', time()-86400, '/');
            }
            session_destroy();
            echo 'The specified Username and Password was incorrect.';
            $_SESSION['tokenLogInForm'] = base64_encode(openssl_random_pseudo_bytes(32));
            return FALSE;
        }
    }


    if(isset($_POST['actionLogOut']) && $_POST['actionLogOut'] == 'logOut')
    {
        if(session_status() === PHP_SESSION_NONE) {
            session_start();
        }
        session_regenerate_id(TRUE);
        unset($_SESSION['loggedIn']);
        unset($_SESSION['userName']);
        unset($_SESSION['passWord']);
        $_SESSION = [];
        if(isset($_COOKIE[session_name()])) {
            setcookie(session_name(), '', time()-86400, '/');
        }
        session_destroy();
        $_SESSION['tokenLogInForm'] = base64_encode(openssl_random_pseudo_bytes(32));
        header('Location: ' . $_POST['goto']);
        exit();
    }
    if(session_status() === PHP_SESSION_NONE) {
        session_start();
    }
    session_regenerate_id(TRUE);
    if(isset($_SESSION['loggedIn']))
    {
        return databaseContainsUser($_SESSION['userName'], $_SESSION['passWord']);
    }
}


function databaseContainsUser($userName, $passWord)
{   
    include $_SERVER['DOCUMENT_ROOT'] . '/includes/dbCon.php';
    try
    {   
        $sql = 'SELECT COUNT(*) FROM admins WHERE username = :userName AND
        password = :passWord';
        $s = $dbConnect->prepare($sql);
        $s->bindValue(':userName', $userName);
        $s->bindValue(':passWord', $passWord);
        $s->execute();
    }
    catch(PDOException $e)
    {
        $error = 'Error searching User.';
        include $_SERVER['DOCUMENT_ROOT'] . '/includes/error.php';
        exit();
    }
    $row = $s->fetch();

    if($row[0] > 0)
    {
        return TRUE;
    }
    else 
    {
        return FALSE;
    }
}

There is a mistake in your code. Replace "conplete" with "complete". Everything else looks fine.

After the change, your Javascript will look like this

$(document).ready(function(){
    $("#logInButton").click(function(e){

        var logInFormData = $("#logInForm").serialize();

        $.ajax({
            type: 'post',
            data: logInFormData,
            url: 'http://localhost/includes/accessControl.php',
            beforeSend: function(){
                $("#logInFromSpinner").show();
            },
            complete: function(){
                $("#logInFromSpinner").hide();
            },
            success: function(data, status) {
                console.log(data);
            },
            error: function(jqXHR, textStatus){
                console.log(textStatus);
            }

        });
    });
});
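
The question's userIsLoggedIn() branches on the X-Requested-With header, and the form carries a tokenLogInForm value that the PHP shown never compares with the session copy. As an added example (not code from the question or the answer), the script below uses the header only as a response-format hint and checks the token before any credential lookup; checkLoginRequest and its helpers are hypothetical names, and the sample requests are constructed.

```php
<?php
// Added example (not from the original post). Request data is passed in as
// arrays so the checks can be exercised from the CLI with constructed input.

// True when the client sent the header jQuery adds to same-origin XHR calls.
// Any HTTP client can send or omit it, so use it only to pick a response
// format, never to decide whether a request is trusted.
function isAjaxRequest(array $server): bool
{
    return strtolower($server['HTTP_X_REQUESTED_WITH'] ?? '') === 'xmlhttprequest';
}

// Constant-time comparison of the posted form token with the session copy.
function hasValidFormToken(array $post, array $session): bool
{
    $expected = $session['tokenLogInForm'] ?? '';
    $supplied = $post['tokenLogInForm'] ?? '';
    return is_string($expected) && is_string($supplied)
        && $expected !== '' && hash_equals($expected, $supplied);
}

// Hypothetical gate to run before the username/password lookup.
function checkLoginRequest(array $server, array $post, array $session): array
{
    $ajax = isAjaxRequest($server);
    if (($server['REQUEST_METHOD'] ?? '') !== 'POST') {
        return ['ok' => false, 'status' => 405, 'ajax' => $ajax];
    }
    if (!hasValidFormToken($post, $session)) {
        return ['ok' => false, 'status' => 403, 'ajax' => $ajax];
    }
    return ['ok' => true, 'status' => 200, 'ajax' => $ajax];
}

// Constructed sample requests.
$token   = base64_encode(random_bytes(32));
$session = ['tokenLogInForm' => $token];
$xhr     = ['REQUEST_METHOD' => 'POST', 'HTTP_X_REQUESTED_WITH' => 'XMLHttpRequest'];
$good    = ['username' => 'alice', 'password' => 'example', 'tokenLogInForm' => $token];
$forged  = ['username' => 'alice', 'password' => 'example', 'tokenLogInForm' => 'guess'];

var_dump(checkLoginRequest($xhr, $good, $session));    // token matches the session copy
var_dump(checkLoginRequest($xhr, $forged, $session));  // header present, token wrong
var_dump(checkLoginRequest(['REQUEST_METHOD' => 'POST'], $good, $session)); // plain form POST
```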
