我的项目是用 Angular 8 构建的,带有 PHP 后端。当我使用 XAMPP 在本地部署它时,一切正常。但是当我将它部署到服务器上时,它返回 404 错误(我尝试了 2 个不同的服务器,其中一个是 AWS)。当我尝试使用 Postman 访问后端文件时也是如此。我可以在 FileZilla 中看到这些文件,并且路径看起来是正确的,但我每次仍然得到恼人的 404。有任何想法吗?可能是安全策略问题,如果是,我该如何纠正?我附上了一些显示错误的图片。这是我的 .htaccess 文件 - 我已经按照 SO 上的建议用许多不同的方式编辑过它。
# Project-root rules: send every request into the public/ sub-directory.
# The rules only take effect when mod_rewrite is loaded; without the module this
# whole block is skipped silently and nothing is redirected into public/.
# NOTE(review): .htaccess files are only honoured when the server allows overrides
# for this directory - confirm on each host where the 404 appears.
<IfModule mod_rewrite.c>
RewriteEngine on
# A request for the directory itself (empty path) goes to public/
RewriteRule ^$ public/ [L]
# Any other path is rewritten to the same path below public/
RewriteRule (.*) public/$1 [L]
</IfModule>
这是我的登录服务文件,它将它定向到后端:
import {Injectable} from '@angular/core';
import {HttpClient, HttpHeaders} from '@angular/common/http';
import {Observable} from 'rxjs';
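/**
 * Posts login and registration forms to the PHP backend as
 * `application/x-www-form-urlencoded` bodies.
 */
@Injectable({
  providedIn: 'root'
})
export class LoginService {
  // NOTE(review): this is a plain http:// origin, so the username and password
  // posted below and the session token in the response travel unencrypted.
  // Move to https:// once TLS is available on the server.
  baseUrl = 'http://globalplantbased.com/pbcert/PB-Certification-Server/';

  private httpOptions = {
    headers: new HttpHeaders()
      .set('Content-Type', 'application/x-www-form-urlencoded')
  };

  constructor(private http: HttpClient) {
  }

  /**
   * Sends the credentials to `login/<type>Login`.
   *
   * @param username account name entered by the user
   * @param password password entered by the user
   * @param type login flavour used to pick the backend action (the backend shown
   *   with this service defines `userLogin` and `contactLogin`)
   * @returns the backend's JSON reply: `{token}` on success, `{error}` otherwise
   */
  login(username: string, password: string, type: string): Observable<any> {
    const body = LoginService.encodeForm({username, password});
    return this.http.post(`${this.baseUrl}login/${encodeURIComponent(type)}Login`, body, this.httpOptions);
  }

  /**
   * Sends a registration form to `register/<type>Register`.
   *
   * @param name display name
   * @param username account name
   * @param password chosen password
   * @param type registration flavour used to pick the backend action
   * @returns the backend's reply as delivered by HttpClient
   */
  register(name: string, username: string, password: string, type: string): Observable<any> {
    const body = LoginService.encodeForm({name, username, password});
    return this.http.post(`${this.baseUrl}register/${encodeURIComponent(type)}Register`, body, this.httpOptions);
  }

  /** Not implemented yet: nothing is sent to the backend and no token is cleared. */
  logout() {
  }

  /**
   * Builds a form-urlencoded body with every key and value percent-encoded.
   * Without the encoding, a value containing `&`, `=`, `+` or `%` would be split
   * or altered by the server's form parser, so the password received would differ
   * from the one typed, and extra fields could be smuggled into the request.
   */
  private static encodeForm(fields: { [key: string]: string }): string {
    return Object.keys(fields)
      .map(key => `${encodeURIComponent(key)}=${encodeURIComponent(fields[key])}`)
      .join('&');
  }
}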
如果我应该添加任何其他文件图片,请告诉我。我已经为此研究了很多天,但无法弄清楚。
这是我的php登录文件
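/**
 * Login controller. Each action checks posted credentials through the SignIn
 * model and echoes a JSON object: ['token' => ...] on success, ['error' => ...]
 * otherwise.
 */
class Login extends Controller {
    private $currentModel;

    public function __construct()
    {
        // The model object is used below for logInUser/logInContact and setToken
        $this->currentModel = $this->model('SignIn');
    }

    /**
     * Log in an account from the users table.
     * Echoes JSON; returns nothing.
     */
    public function userLogin() {
        if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
            echo json_encode(['error' => "denied"]);
            return;
        }

        // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1 and it
        // rewrites the password before verification (tags stripped, quotes encoded).
        // It is kept here because the stored hashes may have been created from the
        // same filtered value; drop it together with the registration code (not shown).
        $input = filter_input_array(INPUT_POST, FILTER_SANITIZE_STRING);
        // filter_input_array() yields null/false when the request carries no form
        // fields; normalise so the lookups below never index a non-array
        $_POST = is_array($input) ? $input : [];

        // A missing field, or one sent as an array (username[]=...), becomes an
        // empty string instead of raising notices that would corrupt the JSON reply
        $data = [
            'username' => isset($_POST['username']) && is_string($_POST['username']) ? trim($_POST['username']) : '',
            'password' => isset($_POST['password']) && is_string($_POST['password']) ? trim($_POST['password']) : ''
        ];

        // The model returns the matching row, or false when the credentials are wrong
        $user = $this->currentModel->logInUser($data['username'], $data['password']);
        if (!$user) {
            echo json_encode(['error' => "login failed"]);
            return;
        }

        // The token is stored together with the client address reported by the web server
        $token = $this->currentModel->setToken($user, 'user', $_SERVER['REMOTE_ADDR']);
        if (!$token) {
            echo json_encode(['error' => "login denied"]);
            return;
        }

        echo json_encode(['token' => $token]);
    }

    /**
     * Log in an account from the contacts table.
     * Echoes JSON; returns nothing.
     */
    public function contactLogin() {
        if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
            echo json_encode(['error' => "denied"]);
            return;
        }

        // NOTE(review): same caveat as userLogin() - the filter alters the password
        // and is deprecated as of PHP 8.1; change it only together with registration.
        $input = filter_input_array(INPUT_POST, FILTER_SANITIZE_STRING);
        $_POST = is_array($input) ? $input : [];

        $data = [
            'username' => isset($_POST['username']) && is_string($_POST['username']) ? trim($_POST['username']) : '',
            'password' => isset($_POST['password']) && is_string($_POST['password']) ? trim($_POST['password']) : ''
        ];

        // The model returns the matching row, or false when the credentials are wrong
        $user = $this->currentModel->logInContact($data['username'], $data['password']);
        if (!$user) {
            echo json_encode(['error' => "login failed"]);
            return;
        }

        $token = $this->currentModel->setToken($user, 'contact', $_SERVER['REMOTE_ADDR']);
        if (!$token) {
            echo json_encode(['error' => "login denied"]);
            return;
        }

        echo json_encode(['token' => $token]);
    }
}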
和我的登录 php 文件
<?php
//login contact
//login user
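/**
 * Credential checks for users and contacts, plus creation of the session token
 * row in the auth table.
 */
class SignIn {
    private $db;

    public function __construct()
    {
        $this->db = new Database;
    }

    /**
     * Look up a user by username and verify the password against the stored hash.
     *
     * @return object|false the database row on success (it includes the password
     *                      hash column, so it must not be serialised to the client),
     *                      false otherwise
     */
    public function logInUser($username, $password) {
        $this->db->query('SELECT * FROM users WHERE username = :username');
        $this->db->bind(':username', $username);

        $row = $this->db->single();
        if (!$row) {
            return false;
        }

        $hashed_password = $row->user_password;
        // A NULL or non-string stored hash can never match; checking first keeps
        // password_verify() from being called with a non-string argument
        if (!is_string($hashed_password) || !password_verify($password, $hashed_password)) {
            return false;
        }
        return $row;
    }

    /**
     * Look up a contact by username and verify the password against the stored hash.
     *
     * @return object|false the database row on success (includes the hash column),
     *                      false otherwise
     */
    public function logInContact($username, $password) {
        $this->db->query('SELECT * FROM contacts WHERE contact_username = :username');
        $this->db->bind(':username', $username);

        $row = $this->db->single();
        if (!$row) {
            return false;
        }

        $hashed_password = $row->contact_password;
        if (!is_string($hashed_password) || !password_verify($password, $hashed_password)) {
            return false;
        }
        return $row;
    }

    /**
     * Create a session token for an account that has just logged in.
     *
     * @param object $id   row returned by logInUser()/logInContact()
     * @param string $type 'user' or 'contact'
     * @param string $ip   client address stored next to the token
     * @return string|false the 64-character hex token, or false when it could not be stored
     */
    public function setToken($id, $type, $ip) {
        try {
            // random_bytes() throws when no secure randomness source is available,
            // so the token is never empty or predictable
            $token = bin2hex(random_bytes(32));

            // NOTE(review): the token is stored as issued. Storing a hash of it and
            // comparing hashes on lookup would keep a read of the auth table from
            // yielding usable sessions; that needs a matching change in the code
            // that validates tokens, which is not shown here.
            $this->db->query('INSERT INTO auth(token, ip, expiry, user_id, contact_id, company_id) VALUES (:token, :ip, NOW() + INTERVAL 1 DAY, :userId, :contactId, :companyId)');
            $this->db->bind(':token', $token);
            $this->db->bind(':ip', $ip);

            switch ($type) {
                case 'contact':
                    $this->db->bind(':userId', null);
                    $this->db->bind(':contactId', $id->contact_id);
                    $this->db->bind(':companyId', $id->company_id);
                    break;
                case 'user':
                    $this->db->bind(':userId', $id->user_id);
                    $this->db->bind(':contactId', null);
                    $this->db->bind(':companyId', null);
                    break;
                default:
                    // Unknown account type: the owner columns would stay unbound
                    return false;
            }

            // Insert the token with its expiry and ip; hand it back only if the row was written
            return $this->db->execute() ? $token : false;
        } catch (Exception $error) {
            // Keep the detail in the server log. Echoing it here would expose
            // internal error text to the client and put a second JSON object in
            // front of the one the controller prints.
            error_log('setToken failed: ' . $error->getMessage());
            return false;
        }
    }
}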
我的 core.php 文件
<?php
// /*
// * App Core Class
// * Creates Url and loads core controller
// * Url format - /controller/method/params
// */
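class Core {
    protected $currentController = 'Home';
    protected $currentMethod = 'notFound';
    protected $params = [];

    /**
     * Resolve /controller/method/params from the "url" query parameter, load the
     * controller file, and call the method with the remaining segments.
     */
    public function __construct()
    {
        $url = $this->getUrl();

        // First segment names the controller. It comes straight from the request,
        // so it is accepted only when it is a plain class name; anything else
        // (dots, backslashes, empty string) never reaches the file path below.
        $controller = isset($url[0]) ? ucwords($url[0]) : '';
        if (preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $controller)
            && file_exists('../app/controllers/' . $controller . '.php')) {
            $this->currentController = $controller;
            unset($url[0]);
        }

        // Require the controller
        require_once '../app/controllers/' . $this->currentController . '.php';
        // Instantiate controller class
        $this->currentController = new $this->currentController;

        // Second segment names the action
        if (isset($url[1])) {
            $method = $url[1];
            // method_exists() alone is also true for private/protected methods and
            // for magic ones such as __construct. Only methods callable from here
            // and not starting with "__" are treated as routes.
            // NOTE(review): public helpers inherited from Controller (e.g. model(),
            // if it is public) are still reachable by URL - confirm their visibility.
            if (strpos($method, '__') !== 0
                && method_exists($this->currentController, $method)
                && is_callable([$this->currentController, $method])) {
                $this->currentMethod = $method;
                unset($url[1]);
            }
        }

        // Remaining segments are passed on as positional arguments. They are raw
        // request data; each action has to validate what it receives.
        $this->params = $url ? array_values($url) : [];

        call_user_func_array([$this->currentController, $this->currentMethod], $this->params);
    }

    /**
     * Split the "url" query parameter into path segments.
     *
     * @return array the segments, or an empty array when the parameter is absent
     *               or is not a string (e.g. sent as url[]=...)
     */
    public function getUrl() {
        if (!isset($_GET['url']) || !is_string($_GET['url'])) {
            return [];
        }
        $url = rtrim($_GET['url'], '/');
        // Removes characters that are not legal in a URL; '/' separators are kept
        $url = filter_var($url, FILTER_SANITIZE_URL);
        return explode('/', $url);
    }
}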
答案 0 :(得分:0)
问题是我在 /public 中的 .htaccess 文件。这是当前的,它解决了问题:
# Front-controller rules for public/: a request that does not match an existing
# file or directory is handed to index.php.
<IfModule mod_rewrite.c>
RewriteEngine On
# Leave requests for real directories alone
RewriteCond %{REQUEST_FILENAME} !-d
# Leave requests for real files alone
RewriteCond %{REQUEST_FILENAME} !-f
# Pass the requested path to index.php as the "url" query parameter; QSA keeps
# the original query string and L stops further rule processing. The value is
# chosen by the client, so the router reading $_GET['url'] has to validate it.
RewriteRule ^(.+)$ index.php?url=$1 [QSA,L]
</IfModule>