服务器升级后PHP软件出现问题(HTTP标头)

时间:2018-08-29 14:30:14

标签: php http referer

在服务器升级后,我似乎遇到了PHP函数无法正常工作的问题。他们在上周将服务器升级到PHP7.2,但在那之前该软件运行良好。因此,他们只是暂时将帐户降级到7.0。

请参见下面的代码:

if($_POST['create_appointment']){ 
    $customer_id   = htmlspecialchars($_POST['customer'], ENT_QUOTES);
    $category_id   = htmlspecialchars($_POST['category'], ENT_QUOTES);
    $date       = htmlspecialchars($_POST['date'], ENT_QUOTES);
    $start_time = htmlspecialchars($_POST['start_time'], ENT_QUOTES);
    $end_time   = htmlspecialchars($_POST['end_time'], ENT_QUOTES);
    $booked_by  = htmlspecialchars($_POST['booked_by'], ENT_QUOTES);
    $booked_for =  post_array_to_explode($_POST['booked_for']);
    $notes      = htmlspecialchars($_POST['notes'], ENT_QUOTES);
    $session_id = htmlspecialchars($_POST['session_id'], ENT_QUOTES);
    $time       = date("Y-m-d H:i:s");
    $agent_id   = get_agent_from_session($session_id, 'id');

    $start_date = $date.' '.$start_time;
    $end_date = $date.' '.$end_time;

    $start_date = format_datetime_mysql($start_date);
    $end_date = format_datetime_mysql($end_date);

    $insert = $dbh->exec("INSERT INTO calendar(start_date, end_date, notes, category_id, customer_id, added_by, booked_by, booked_for, date_added) VALUES ('$start_date', '$end_date', '$notes', '$category_id', '$customer_id', '$agent_id', '$booked_by', '$booked_for', '$time')");
        if($insert){
            $notification_msg[] = array(type=>'alert-success', h4=>'Success!', msg=>'Appointment Created');
            push_browser_notify('New appointment booked', format_date($start_date).' - '.get_customer_json('business_name', $customer_id).' ('.get_customer_json('first_name', $customer_id).' '.get_customer_json('last_name', $customer_id).') ', '');     

            header('Location: ' . $_SERVER['HTTP_REFERER']);

        }else{
            $notification_msg[] = array(type=>'alert-warning', h4=>'Warning!', msg=>'Appointment NOT Created');
        }
}

该软件位于子域中,该子域的主域已附加SSL证书。当我在子域上激活SSL时,似乎出现HTTP引用问题。现在,它只会出现“未创建约会”的问题。

有人可以帮忙吗?如果这没有道理,我很乐意重新提出这个问题。

激活SSL时收到的错误消息是:

"(index):1 Failed to load https://agent.[domain].co.uk/ajax/livelead-new.php?session=0e9b832ead36586de0f56aba52079301641362a811363690298da1970b7ecb3d: No 
'Access-Control-Allow-Origin' header is present on the requested resource. Origin 
'http://agent.[domain].co.uk' is therefore not allowed access."

if($insert){
            $notification_msg[] = array(type=>'alert-success', h4=>'Success!', msg=>'Appointment Created');
            header('Location: ' . $_SERVER['HTTP_REFERER']);
        }else{
            $notification_msg[] = array(type=>'alert-warning', h4=>'Warning!', msg=>'Appointment NOT Created');
        }

1 个答案:

答案 0 :(得分:0)

我认为,如果您尝试从其他服务器访问代码,则只需执行以下操作。我认为这不是安全的,但是如果将其放在处理请求的页面上,它应该可以工作:

<?php header('Access-Control-Allow-Origin: *'); ?>
相关问题
最新问题