Question

我正在尝试使用$ .ajax（jquery）对我的服务器（php）进行api调用。我正在成功ping服务器，但是，它没有验证用户是否已登录（存储在PHPSESSID中）。这是一个跨域请求。

当我使用PHP从前端进行api调用时，它起作用，因为cURL请求将PHPSESSID分配给CURLOPT_COOKIE。

以下是我网站上的 $。ajax 代码，www.foo.com

         $(document).on('click','#pickup_now', function(){

            //testing ajax function for 'cpr.php'

            $.ajax({
                url: "https://app.foo.com/CPR.php",
                data: {
                            PickupLatitude: PickupLatitude,
                            PickupLongitude: PickupLongitude,
                            PickupAddress: PickupAddress,
                            PickupAddress2: '',
                            PickupCity: PickupCity,
                            PickupState: PickupState,
                            PickupZipCode: PickupZipCode,
                            DropOffLatitude: '34.0335328',
                            DropOffLongitude: '-118.48099309999998',
                            DropOffAddress: '2227 Wilshire Boulevard',
                            DropOffAddress2: '',
                            DropOffCity: 'Santa Monica',
                            DropOffState: '5',
                            DropOffZipCode: '90403',
                            ShipmentDescription: document.getElementById('description').value,
                            ShipmentImage: document.getElementById('ShipmentImage').value,
                            EstimatedTime: '180',
                            EstimatedDistance: '1'
                        },
                type: "POST",
                success: function(data,status){
                            console.log("Data: " + data + "\nStatus: " + status);
                            console.log(userSession);
                } //ends success function
            });

    });

它正在回归：

Data: {"LoginValid":false}
Status: success

所以我们知道它成功ping了服务器。以下是https://app.foo.com/CPR.php

上的代码

public static function CPR($pickupLatitude, $pickupLongitude, $pickupAddress, $pickupAddress2, $pickupCity, $pickupState, $pickupZipCode,
                                    $dropOffLatitude, $dropOffLongitude, $dropOffAddress, $dropOffAddress2, $dropOffCity, $dropOffState, $dropOffZipCode,
                                    $shipmentDescription, $shipmentImage, $estimatedTime, $estimatedDistance)
    {
        $results = new fooCommon\Results();
        if ($results->LoginValid = SessionInfo::GetInstance()->LoggedIn())
            $results->AddMembers(fooCommon\SHELPER::CPR(SessionInfo::GetInstance()->UserID(), $pickupLatitude, $pickupLongitude, $pickupAddress, $pickupAddress2, $pickupCity, $pickupState, $pickupZipCode,
                                    $dropOffLatitude, $dropOffLongitude, $dropOffAddress, $dropOffAddress2, $dropOffCity, $dropOffState, $dropOffZipCode,
                                    $shipmentDescription, $shipmentImage, $estimatedTime, $estimatedDistance));

        return $results;
    }

$results->LoginValid = SessionInfo::GetInstance()->LoggedIn()使用用户SESSION信息来验证他们是否已登录并抓取他们的信息。

以下是在SessionInfo.php上找到的代码

public function LoggedIn()
    {
        if (!isset($_SESSION["LoggedIn"]))
            $this->SetLoggedIn(false);

        return $_SESSION["LoggedIn"];
    }

如何正确传递PHPSESSID信息，以便SessionInfo::GetInstance()->LoggedIn()知道抓住它并验证用户信息？

TL; DR - ＆gt;是否有$ .ajax相当于cURL CURLOPT_COOKIE？当通过cURL执行此操作时，这似乎是通过适当的渠道传递信息的原因。

先谢谢大家！

Answer 1

当页面呈现时，将会话ID嵌入隐藏的输入元素，即

＆＃13;

<input type=hidden name=sessionid value='<? inject here ?>'/>

＆＃13;

当您进行ajax调用时，请从隐藏的输入元素中读取值，并将其包含在您要发回的数据中。

PHPSESSID =未在ajax jquery

1 个答案: