1

I'm mainly playing with PHP and cURL (the code includes some AJAX and HTML as well).

Architecture:

Front <--> Middle <--> Back <-->MySQL

Description:

  1. In my front section I'm creating an AJAX object and doing a POST request with some data (JSON format) obtain from a Form in the HTML.
  2. Data is sent to my middle server (PHP file). This file receives it and json_decodes it. Determines witch switch case to use and sends it to the back server using cURL.
  3. Back server (PHP file) gets data from POST request and it json_decodes the data. It then proceeds to create MySQL connection checks if passwords match. If the passwords match it echos back a string saying "GRATNED".
  4. Data is passed back to middle server and then to front section where AJAX receives it and displays the string.

So...

All of this works perfect. However, for some reason my data contains a 1 at the end. which messes up my Regular Expression in my JS file.

Can you please let me know what option do cURL (if that is the case) do I have to modify or what is it that I'm doing that I get that one (1) and how to remove it.

Attached is my code and images of output...

Front

function whenSubmitt()
{
  //Get the data that I want to pass
  //JS Object
  var parameters = {"case":"login",
  "username":document.getElementById("username").value,
  "password":document.getElementById("password").value
  };

  //Make into JSON object
  parameters = JSON.stringify(parameters);

  //Create AJAX object
  var xobj = new XMLHttpRequest();
  var method = "POST";
  var url = "./front.php";

  //Open Connection
  xobj.open(method,url,true);
  xobj.setRequestHeader("content-type", "application/x-www-form-urlencoded");

  //When Submit button is pressed
  xobj.onreadystatechange = function()
  {
    if (xobj.readyState == 4 && xobj.status == 200)
    {
      var respuestas = xobj.responseText;
      document.getElementById("msrv_answer").innerHTML = respuestas;
      //window.location.replace(respuestas[0]); //REDIRECTS TO NEW PAGE
    }
  };


  xobj.send(parameters);
}

Front PHP

<?php

function contact_middle_man($parameters)
{
 $url = "https://myurl/middle/middle.php";

 $obj = curl_init();
 curl_setopt($obj, CURLOPT_URL, $url);
 curl_setopt($obj, CURLOPT_POST, strlen($parameters));
 curl_setopt($obj, CURLOPT_POSTFIELDS, $parameters);
 curl_setopt($obj, CURLOPT_RETURNTRANSFER, true); //ALLOWS TO GET ANSWER BACK IN STRING FORMAT, AND DOES NOT OUTPUT ANSWER DIRECTLY.

 $ans = curl_exec($obj);

 curl_close($obj);

 return $ans;
}


/*RECEIVE DATA FROM WEB INTERFACE, USER*/
$indata = file_get_contents("php://input");

/*CONTACT MIDDLE MAN, USE CURL*/
$middle_answ = contact_middle_man($indata);

echo $middle_answ;
?>

Middle PHP

<?php

function http_post_back_server($url, $data)
{
    $obj = curl_init();

    curl_setopt($obj, CURLOPT_URL, $url);
    curl_setopt($obj, CURLOPT_POST, strlen($data));
    curl_setopt($obj, CURLOPT_POSTFIELDS, $data);

    $ans = curl_exec($obj);

    curl_close($obj);

    return $ans;
}

/*URL TO BACK SERVER*/
$url_myserver = "https://myurl/loginquery_v2_.php";

/*GLOBAL VARS*/
$back_ans ="";

/*RECEIVE DATA FROM POST REQUEST*/
$indata = file_get_contents("php://input");
$data = json_decode($indata, true);


/*MAKE REQUEST TO SERVERS*/
switch($data["case"]){
    case "login":
        $back_ans = http_post_back_server($url_myserver,$indata);
        break;
    default:
        $back_ans="NADA";
        break;
}

/*ANSWER BACK TO FRON END*/
echo $back_ans;

?>

Back PHP

<?php

/*RECEIVING DATA FROM POST REQUEST */
$indata = file_get_contents("php://input");

/*DATA TO JSON OBJ*/
$indata = json_decode($indata, true);


/*CONNECTION TO DATABASE */
$conn=mysqli_connect(myusername, mypassword);

/*CHECKING DATABASE CONNECTIVITY */

if(mysqli_connect_error())
{ echo "Connection Error: ".mysqli_connect_error; }

/*GOOD CONNECTION ... CONTINUE */

$uname = $indata["username"];

$query="SELECT * FROM alpha WHERE username ='".$indata["username"]."'";

$db_output = mysqli_query($conn,$query);

/* CHECK QUERY RESULT */
if($db_output)
{
 
 /* FETCH RESULTS */
 while($result = mysqli_fetch_assoc($db_output))
 {
 
  /* COMPARE STORE PWD VS RECEIVED PWD */
  if($result["password"] == $indata["password"])
  {
    /*JSON OBJECT*/
    echo "ACCESS GRANTED";
  }
  
  /* PASSWORDS DOES NOT MATCH */
  else
  {
    /*JSON OBJECT*/
    echo "ACCESS DENY";
  }

 }
}

/*CLOSE DATABASE CONNECITON */

mysqli_close($conn);

?>

PAGE WITH OUTPUT

enter image description here

Improve this question
18
  • 2
    You need curl_setopt($obj, CURLOPT_RETURNTRANSFER, true); in your Middle PHP Commented Mar 3, 2019 at 22:54
  • @Nick, Hi NIck I added the option (and will leave it in my code) however I still get the 1 at the end of the string. Thank you for your help. Commented Mar 3, 2019 at 23:01
  • 1
    That should have got rid of the 1 as it was coming from $ans containing the return status of the curl (true => 1) from that curl request instead of the text (due to the lack of the RETURNTRANSFER option Commented Mar 3, 2019 at 23:03
  • @Nick, I understand but its still happening.. could there be something else that we are missing? Commented Mar 3, 2019 at 23:10
  • 1
    to be clear about Nick's correct suggestion, curl_exec() returns a boolean true (equiv 1) upon success unless the returntransfer option is set: php.net/manual/en/function.curl-exec.php Commented Mar 3, 2019 at 23:10

1 Answer 1

Reset to default
2

This is occurring because in your Middle PHP, you are missing the CURLOPT_RETURNTRANSFER option in your curl call. As a result, $ans is assigned the value true (because the curl call is successful) and the output from the curl call (ACCESS GRANTED) is echo'ed into the output from Middle PHP, followed by $back_ans, which being true, when it is echo'ed produces a 1 in the output. Thus the string returned to Front PHP is ACCESS GRANTED1. You can fix this by adding this to Middle PHP:

curl_setopt($obj, CURLOPT_RETURNTRANSFER, true);

Then $ans will be assigned the value ACCESS GRANTED instead of true and your output will be as expected.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.