-1

In my original php5 code, once a user opens the index page there is an ajax call to check if there is any $_SESSION['user'] stored. If there is a session, the user will be displayed. Otherwise the page redirects to the login page. Once I upgraded to php 7 it stopped working.

$.ajax({
type: 'POST',
url: "php/checksession.php",
})
.done(function(response) {
    console.log(response);
    var code = response[0].code;
    ///// if no loging session is stored, redirect back to loging page
    if (code == 0) {
        window.location.href = "login";
        ///// Session is found, update balance 
    } else {
        $('body').show();
        ///////////////////// Do other stuff 
    }
}
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html> 
<head> 
 <meta http-equiv="content-type" content="text/html; charset=utf-8"> 
 <title>Title Goes Here</title>
</head>
<body style="display:none">
 <p>PageContent</p> 
</body> 
</html>

Here is the php7 code. 

<?php
header('Content-type: application/json');
require 'connection.php';

// Get Access to DB
// if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (isset($_POST))
{
    ob_start();
    session_start();
    if (isset($_SESSION['user']))
    {
        $responseArray = array(
            'code' => '1',
            'type' => 'good',
            'message' => 'found'
        );
    }
    else
    {
        $responseArray = array(
            'code' => '0',
            'type' => 'bad',
            'message' => 'no session'
        );
    }
}
else
{
    $responseArray = array(
        'code' => '0',
        'type' => 'bad',
        'message' => 'no POST'
    );
}

if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest')
{
    $Arrays = [];
    array_push($Arrays, $responseArray);
    $encoded = json_encode($Arrays);
    header('Content-Type: application/json');
    echo $encoded;
}
else
{
    echo $responseArray['message'];
} // else just display the message
?>

$_POST is empty and Json data is not sent back to browsers because this statement is not met:

if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) &&
   strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest')
Ibu
  • 42,752
  • 13
  • 76
  • 103
A.K.
  • 141
  • 1
  • 2
  • 14
  • 3
    Can you please format your code to make it easier to read. – Script47 Oct 31 '18 at 17:23
  • 2
    add `ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(-1);` to the top of your PHP script to check for errors – treyBake Oct 31 '18 at 17:23
  • 1
    Your previous PHP installation may not have had error reporting set and was probably suppressing errors. – Funk Forty Niner Oct 31 '18 at 17:27
  • 2
    I wonder why you're using this ``. You realize what that does, *right?* – Funk Forty Niner Oct 31 '18 at 17:28
  • 1
    @FunkFortyNiner I'm going to hazard a guess and say that they are hiding the page and only showing it if the session is valid. The better way would be to show the sign in page and redirect if the session exists. – Script47 Oct 31 '18 at 17:31
  • @FunkFortyNiner with php5 I used to get the call back from php with data to update index page – A.K. Oct 31 '18 at 17:32
  • @Script47you are right, if I don't do that, the index page will show up for a bit before redirecting – A.K. Oct 31 '18 at 17:33
  • @Script47 I thought about that earlier also and it's hard to say for certain since they didn't post the related CSS for it. In any which case, the OP needs to look at their console *and* check for errors via PHP. – Funk Forty Niner Oct 31 '18 at 17:35
  • @FunkFortyNiner the issue is with this statement, it is not sent back to ajax – A.K. Oct 31 '18 at 17:38
  • Anyone who is savvy enough could look at the HTML source to possibly reveal something. Using `` isn't very effective, it should be handled via serverside, IMHO. – Funk Forty Niner Oct 31 '18 at 17:39
  • @A.K. `HTTP_X_REQUESTED_WITH` is not 100%: https://stackoverflow.com/questions/2579254/does-serverhttp-x-requested-with-exist-in-php-or-not – Script47 Oct 31 '18 at 17:39

1 Answers1

0

Try to use another method to get POST data.... I don't know why but when I use AJAX sometimes the POST data becomes in another way...

<?php

    if(!isset($_POST)) {
        $_POST = json_decode(file_get_contents("php://input"));
    }
Vitor Braga
  • 1
  • `$_POST ` is supposed to be empty. I'm making the call to check if session exists or the page will be redirected to login.html – A.K. Oct 31 '18 at 17:56