I have created API for Login using POST method but it give me error
GET method is work.
Post data through postman
code of student_login method of contrller Api
class Api extends CI_Controller{
public function student_login()
{
$username=$this->input->post['vUserName'];
$password=$this->input->post['vPassword'];
$this->load->model('Api_model');
$result=$this->Api_model->get_login($username,$password);
if(!empty($result))
{
$response["error"]="true";
$response["message"]="You have been successfully login";
echo json_encode(array('result'=>$result));
die( json_encode($response));
}
else
{
$response["error"]="false";
$response["message"]="Invalid Username and Password";
die(json_encode($response));
}
}
}
Model :To load the data of table tbl_students
class Api_model extends CI_Model
{
public function get_login($name,$pass)
{
//echo $name,$pass;
$this->db->select('iStudentID,class,section,vDivision,vGrno');
$this->db->from('tbl_students');
$this->db->where('vUserName',$name);
$this->db->where('vPassword',$pass);
//$this->db->from('tbl_students');
return $this->db->get()->result_array();
}
}
Your Implementation is right, but you can't check the post method through your browser. Try some other tools like postman.
Related
In my application I am using gates to validate the authorization of the logged in user. I want the user to be redirected to dashboard, with a custom message, instead of showing the traditional 403 | This action is unauthorized. page.
Here is my code:
class SomeController extends Controller
{
public function index()
{
# access
if(!$this->authorize('some-role'))
{
session->set('message', 'message');
return redirect()->route(...);
}
...
}
}
Is this possible..?
Easy way inside controller check here:
if (Gate::denies('update-post', $post)) {
// The current user can't update the post...
}
Proper way.
There is app\Exceptions\Handler.php there is render method where you can set you custom exception NotAuthorizedException (laravel < 5.5):
if($exception instanceof NotAuthorizedException){
return redirect($exception->route());
}
If laravel > 5.6 you can add below code and redirect inside app\Exceptions\Handler.php the render method:
if ($exception instanceof AuthorizationException)
My CI website has csrf protection.
$config['csrf_protection'] = TRUE;
So, when I resubmit form by refresh I am getting the following error.
The action you have requested is not allowed
Instead of showing this message, I want it to return to last page.
So, I try to override csrf_show_error() method by extending the CI_Security file.
This is my class located in application/core/My_Security.php
class MY_Security extends CI_Security {
public function __construct()
{
parent::__construct();
$this->load->library('user_agent');
}
public function csrf_show_error()
{
// show_error('The action you have requested is not allowed.'); // default code
// force page "refresh" - redirect back to itself
// a page refresh restores the CSRF cookie
if ($this->agent->is_referral())
{
redirect(site_url());
} else {
redirect($_SERVER['HTTP_REFERER']);
}
}
}
I am getting the following error
Call to a member function library() on a non-object
Insted of changing the core classes, I extended the MY_Securtiy class in core folder of application. and redirecting to past page.
File Location: application\core\MY_Security.php
class MY_Security extends CI_Security {
public function __construct()
{
parent::__construct();
}
public function csrf_show_error()
{
header('Location: ' . htmlspecialchars($_SERVER['REQUEST_URI']), TRUE, 200);
}
}
Thanks for your solution, but it seems better with a return code 302 by changing the request type of the new request to GET, regardless of the type employed in the original request (e.g. POST). The next refresh will not ask any question.
I've created a custom roles manager for Laravel (4.2) based on the named routes e.g.:
users.index, customers.create, vendors.update, orders.store, users.edit, customers.update, etc.
Basically anything registered as a Route::resource(...); within the routes.php file (with a few custom named routes)
I'm checking the permissions with this method:
namespace Acme\Users;
...
class User extends \Eloquent implements UserInterface, RemindableInterface {
...
public function hasPermissions($route)
{
$actions = ['users.index', 'users.create', 'users.edit', 'users.delete']; // fake data
if ( ! in_array($route, $actions))
{
return false;
}
return true;
}
}
Then, within the app/filters.php, I'm checking the current route against the User.
Route::filter('auth', function()
{
if (Auth::guest())
{
if (Request::ajax())
{
return Response::make('Unauthorized', 401);
}
else
{
return Redirect::guest('login');
}
}
// check if the current authenticated User has permissions to access this route
if ( ! Auth::user()->hasPermissions(Route::current()->getName()))
{
return Redirect::route('dashboard.index');
}
});
Everything is working with any route using the GET method, but when it comes to PUT, PATCH, POST DELETE the Route::current()->getName() doesn't return anything.
Is there a better approach? I want everything to happen automatically, and I have a solution to this issue, but it's very involved. Is there a way to get the route name during a PUT, PATCH, POST or DELETE request?
Thank you.
Try to put your verification code inside after filter.
App::after(function($request, $response)
{
if ( ! Auth::user()->hasPermissions(Route::current()->getName()))
{
return Redirect::route('dashboard.index');
}
});
i have a controller having following script
class get extends CI_Controller
{
function get_password()
{
$this->load->model('fetch_model');
$user_pass=$this->fetch_model->get_password();
$data['user_pass'] = json_encode($user_pass);
echo $data['user_pass'];
}
}
and a script on view page as this
function get_password(){
$.post("<?php echo base_url();?>admin.php/get/get_password",function(data)
{
for(i=0;i<data.length;i++)
{
$('#password').val(data[i].password);
$('#username').val(data[i].username);
}
},"json");
}
now if i use the following script in model then the ajax post is working perfectly..
class fetch_model extends CI_Model
{
function get_password()
{
return $this->db->query("SELECT * FROM td_admin_user")->result_array();
}
}
but when i change the model script into this, then the ajax script isnt working
class fetch_model extends CI_Model
{
function get_password()
{
foreach($this->db->query("SELECT * FROM td_admin_user")->result() as $r_pass)
{
$pass=$r_pass->password;
$user=$r_pass->username;
}
$user_pass=array('username'=>$user,
'password'=>$pass);
return $user_pass;
}
}
but to be very frankly, i need to send data in the following way
$user_pass = array('username'=>$user, 'password'=>$pass);
and not as result_array()
so please help me in this context, thanks in advance
This is not a bug! Did you even look at what type of data is returned in each call?
In your JS, you are using:
$('#password').val(data[i].password);
Where data is an indexed array - exactly what is returned by ->result_array()
But you want it to be a key based array:
$user_pass=array('username'=>$user, 'password'=>$pass);
If that's the case, you should forget using the for loop on JS (specially if your query only results in one row) and use
$('#password').val(data.password);
Instead.
Also look at console.log (if you are using firebug/developer tools) and try print_r or var_dump on the PHP side to understand the data formats you are returning.
How to capture POST on checkout onpage with Magento_Payment_Block_Info?
class Ks_Gippayment_Block_Info extends Mage_Payment_Block_Info
{
protected function _construct()
{
parent::_construct();
$this->setTemplate('ks/info.phtml');
}
public function getSomePostData()
{
//****direct get POST/GET data from onepage checkout
}
Try
public function getSomePostData()
{
//****direct get POST/GET data from onepage checkout
if(Mage::app()->getRequest()->getPost('firstname')){
}
}
see Zend Framework: Can i just get GET params?
You may use this method by using class
public function getSomePostData()
{
if(isset ($_POST['submit']))
{
$name=$_POST['firstname'];
/**like that**/
}
}
or You can pass as function from button click