Hi guys!
I'm writing my first C2 plugin (better to say, my first (bigger) confrontation with JS).
I know what CORS is - and already had the one or another meet with it.
Background info:
I'm writing a little framework which handles account managing and data storation for a C2 dev. Ive seen a lot questions about accounting, etc. - got a great help days back - and now I'ld like to share my knowledge with anyone who doesnt know how to ajax userdata via php into a mysql db. For that Im rewriting an account managing system (with all its needs, registering, login, "forgot password"-function, token based, "remember me" function, etc..; incl. storing data (preffered as JSON) in the backend). But more to the plugin when its ready to see the light of beta-testers...
To my problem:
When I got a simple return...
<?php
header("Access-Control-Allow-Origin:*"); // Allow all origins
$InputAction = $_POST["Action"]; // Eventhandler
if ($InputAction == "Register") {
echo("-400")
}
?>[/code:25w51riy]
... everything works fine. Even if Im extending the whole stuff. CORS is on * in row 2 as you can see (I was told from different sources, that its best to build a func, etc etc... but sources like [url]http://enable-cors.org/server_php.html[/url] also told me, that the one-row is ok. And unless Ive tested it with several scripts (including AJAX cross domain requests out of C2), Im at least sure that it works.
Now, when I extend the source of the serversided script, like...
[code:25w51riy]<?php
header("Access-Control-Allow-Origin:*"); // Allow all origins
require('includes/config.php'); // Prerequisite
/** Numeric callbacks (!negative values!)
-200 Registration successful; validation mail sended
-250 Username OK
-300 Username too short
-301 Username already in use
-302 Password too short
-303 Invalid email address
-304 Email already in use
-305 Error while registration
-400 Illegal request
**/
$InputAction = $_POST["Action"]; // Eventhandler
$InputUsername = $_POST["Username"]; // Requesting username
$InputMailaddress = $_POST["Mailaddress"]; // Requesting mail address
$InputPassword = $_POST["Password"]; // Requesting password
if ($InputAction == "Register") { // Action: Register
if(strlen($InputUsername) < 3){ // Check Username length
$error[] = 'Username is too short.';
echo("-300");
} else { // Check if username already exists
$stmt = $db->prepare('SELECT username FROM members WHERE username = :username');
$stmt->execute(array(':username' => $InputUsername));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
echo("-250");
if(!empty($row['username'])){ // If username already taken
$error[] = 'Username provided is already in use.';
echo("-301");
}
}
}
else {
echo("-400");
}
?>[/code:25w51riy]
... (its only a snipped, which could be used as a standalone "give me feedback!"-debug tool) Im getting a 500:
[code:25w51riy]XMLHttpRequest cannot load http://api.proxy.wtf/debug.php. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://192.168.0.14:50001' is therefore not allowed access. The response had HTTP status code 500.[/code:25w51riy]
There is no mistake in the syntax (the http-ui works perfectly; which contains same parts of the script in a single *.PHP) and I cant figure out whats going wrong here. I
Does someone may have an idea whats going wrong here? After about 11 hours of work on the C2 plugin, everything breaks together because of this, driving me nuts....
Have a great day,
Proxy