0

I'm fairly new to php, but I have an "API" set up on my web server to send/receive data to a MySQL database.

For some reason, when I send an http post request to my register.php file (registration entry point), the $_POST variable remains empty. However, after using phpconfig() and doing some digging, I noticed the parameters I sent were stored in the $_REQUEST variable, so I changed my register.php accordingly and it worked.

My questions are why that is happening and whether using $_REQUEST is wrong.

I send the http request using angularjs' $http:

var link = 'http://www.temporaryurl.com/register.php'

$http.post(link, {'name': 'Adam'},{'email': 'awbasham@test.com'},{'password': 'testingPass!'}).then(function(response) {
console.log("Http success!");
console.log(response);
}, function(response) {
console.log("Http failure");
console.log(response);
});

Here's register.php

<?php
require_once 'include/DB_Functions.php';
$db = new DB_Functions();

// json response array
$response = array("error" => FALSE);

if (isset($_REQUEST['name']) && isset($_REQUEST['email']) && isset($_REQUEST['password'])) {

    // receiving the post params
    $name = $_REQUEST['name'];
    $email = $_REQUEST['email'];
    $password = $_REQUEST['password'];

    // Remove all illegal characters from email
    $email = filter_var($email, FILTER_SANITIZE_EMAIL);

    // Validate e-mail
    if (!filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        echo("$email is a valid email address");
    } else {
        echo("$email is not a valid email address");
    }

    if (!filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        // check if user is already existed with the same email
        if ($db->isUserExisted($email)) {
            // user already existed
            $response["error"] = TRUE;
            $response["error_msg"] = "User already existed with " . $email;
            echo json_encode($response);
        } else {
            // create a new user
            $user = $db->storeUser($name, $email, $password);
            if ($user) {
                // user stored successfully
                $response["error"] = FALSE;
                $response["uid"] = $user["unique_id"];
                $response["user"]["name"] = $user["name"];
                $response["user"]["email"] = $user["email"];
                $response["user"]["created_at"] = $user["created_at"];
                $response["user"]["updated_at"] = $user["updated_at"];
                echo json_encode($response);
            } else {
                // user failed to store
                $response["error"] = TRUE;
                $response["error_msg"] = "Unknown error occurred in registration!";
                echo json_encode($response);
            }
        }
    } else {
        echo("$email is not a valid email address");
        $response["error"] = TRUE;
        $response["error_msg"] = "Email is invalid!";
        echo json_encode($response);
    }
} else {
    $response["error"] = TRUE;
    $response["error_msg"] = "Required parameters (name, email or password) is missing!";
    echo json_encode($response);
}
?>
Funk Forty Niner
  • 74,450
  • 15
  • 68
  • 141
awbasham
  • 69
  • 7
  • One moment, I'll update my post. – awbasham Dec 02 '16 at 15:59
  • 1
    Refer to this post http://stackoverflow.com/questions/15485354/angular-http-post-to-php-and-undefined and try out. – Wolverine Dec 02 '16 at 16:25
  • `if (x === false)` is an anti-pattern you need to eliminate, just use `if(!x)`, and `if (!x === false)` is even more preposterous. That reads as a triple negative: "If not x is not literally false". Try to avoid pointless acrobatics like this. Likewise, I bet your email "validation" expression is going to reject a lot of absolutely valid addresses, as things like `x@google` are technically valid despite how ridiculous it might seem. – tadman Dec 02 '16 at 16:37
  • I cannot take full credit for the code you see, as I quickly threw this together at 5am using a pre-existing project. But I agree with your points, thanks for the feedback. And as for the email validation, I threw in the pre-built PHP validation. I'll change that accordingly. – awbasham Dec 02 '16 at 16:41

1 Answers1

0

My issues were twofold. One, I think that $_POST was empty because I was naively testing the register.php file by typing in the url in my web browser (I forgot to use a chrome extension to force POST instead of GET).

Also, I called $http in my angularjs file as this:

$http({
    method: 'POST',
    url: link,
    data: data1,
    headers: {
      'Content-Type': 'application/x-www-form-urlencoded'
    }}).then(function(response) {
      console.log("Http success!");
      console.log(response);
    }, function(response) {
      console.log("Http failure!");
      console.log(response);
    });

I think what helped was defining the Content-Type as 'application/x-www-form-urlencoded' and passing data1 as

var data1 = "name=adam&email=test@test.com&password=testPass!";
awbasham
  • 69
  • 7