php - how to redirect to secure section of website with Login script created in redbeanphp -

- 

$email = trim($_post['email']);         $pass = md5(trim($_post['password']));         $user = r::findone("user"," email = ? , password = ? ", array($email,$pass));         if($user != null) {             // login             header('location: http://www.google.com/');         } else {             // bad login         }

now framework provided in redbean create login script in file runs when submit form on website - 

require_once('xyz.class.php'); if (isset($_request['apiname']) && $_request['apiname'] != null) {     $apiname = $_request['apiname'];     switch ($apiname) {         case 'requestsignup':             echo uberhealth::requestsignup($_request['email']);             break;         case 'contact':             echo uberhealth::contact($_request['email'], $_request['msg'], $_request['name'], $_request['subject']);             break;         ...     } }

and xyz.class.php has redbean functions logging in / sign etc. when login through script gives me error on console - 

xmlhttprequest cannot load http://www.google.com/. no 'access-control-allow-origin' header present on requested resource. origin 'http://localhost' therefore not allowed access.

i have tried 

return header('location: http://www.google.com/'); return json_encode(header('location: http://www.google.com/'));

instead of header('location: ...'));

but gave same error.

i think you're missing access-control-allow-origin header, message said :)

here same question on so.

edit: address header alternative question far understood you're searching alternative approach header redirects. typically php frameworks know use bootstrapping mechanisms build user output. take @ rude graphic below:

sample of framework bootstrap-process

essentially request client handled via main entry point (index.php) depending on url style either use hashes, or parts of querystring determine navigate to. thats job of bootstrapper find out: "ok user want's visit page xyz". next layer authorization amongst others. here check whether user has permission or not if continue bl , render result returned client.

so whole sequence takes place during initial request client no redirecting needed. detailed examples take how well-known frameworks job.


Comments

Post a Comment

Popular posts from this blog

c# - How to get the current UAC mode -

-
can check current uac type set in device before running application through c#. i got know approach check whether current user administrator or not. but, need know uac type set (i.e. default/never notify) internal logic. is possible? please help. this article self-elevation , checking level program runs in. due security reasons i'm afraid won't able retrieve uac level set. http://code.msdn.microsoft.com/windowsdesktop/csuacselfelevation-644673d3
Read more

postgresql - Lazarus + Postgres: incomplete startup packet -

-
i've been building lazarus pascal program using postgresql on back-end. used work fine following lines opening db. dbconn:= tpqconnection.create(nil); dbconn.hostname := 'localhost'; dbconn.databasename:= 'dbhrs'; dbconn.username:='mizk'; dbconn.password:='123'; dbconn.open; if dbconn.connected openhrsdb := true else openhrsdb := false; but moment change localhost server's ip (on lan), program stops. no errors or warnings. have no clue happening. here related details may narrow down problem. the program i'm running workstation on same lan server. both machines run ubuntu 12.04 desktop i can access postgres db on server using pgadmin iii, guess it's not firewall issue. i have allowed postgresql ufw , ufw disabled. strangely, when firewall disabled, can ssh server terminal using workstation. when it's enabled, can't my biggest concern right why pascal program not working when i...
Read more

javascript - Ajax jqXHR.status==0 fix error -

-
$.ajax({ url: urlstring, datatype: "json", type: "get", success: function (data) { alert(data); }, error: function (jqxhr, exception) { if (jqxhr.status === 0) { alert('not connect.\n verify network.'); } else if (jqxhr.status == 404) { alert('requested page not found. [404]'); } else if (jqxhr.status == 500) { alert('internal server error [500].'); } else if (exception === 'parsererror') { alert('requested json parse failed.'); } else if (exception === 'timeout') { alert('time out error.'); } else if (exception === 'abort') { alert('ajax request aborted.'); } else { alert('uncaught error.\n' + jqxhr.responsete...
Read more