duanguoping2016 2016-02-01 14:40
浏览 182

具有会话ID的POST请求被卡住而没有错误

I'm trying to create a simple to use API with php but I have run into multiple problems. I'm working on an user api that does basic CRUD stuff.

If I do a POST request with cURL to my user api (user.php), a new session id is used during the execution of user.php.

So in order to combat that I tried to send the current session id with the POST request to user.php. The problem I have right now is that after setting the id with session_id($_POST['session']) and then starting my session with session_start() my server will get stuck on executing that code and will eventually throw an Internal Server Error 500.

I tried to get my server to show me what the error is with ini_set('display_errors', 1); and an .htaccess file (content: php_flag display_errors 1) but to no avail, the server just gets stuck.

test.php

<?php
    session_start();

    // Check for available session
    if (!isset($_SESSION['id'])) {
        header('location: index.php');
    } else {
        // Initialize cURL
        $curl = curl_init();

        // Set parameters for POST request
        curl_setopt_array($curl, [
            CURLOPT_RETURNTRANSFER => 1,
            CURLOPT_URL => 'http://localhost/api/user.php',
            CURLOPT_POST => 1,
            CURLOPT_POSTFIELDS => http_build_query([
                'session' => session_id(),
                'username' => 'testuser',
                'password' => 'testalot',
                'name' => 'testuser',
                'isAdmin' => 0
            ])
        ]);

        // Execute POST request
        $response = curl_exec($curl);

        /* <<< Doesn't get beyond this point. */

        // Dump JSON
        var_dump($response);

        // Close cURL session
        curl_close($curl);
    }
?>

user.php

<?php
  // Declare integer checking function
  function isInteger($input) {
    return ctype_digit(strval($input));
  }

  // Declare result object
  $output = ['success' => false, 'data' => [], 'error' => ''];

  // Action on POST
  if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Check if session id was sent
    if (!empty($_POST['session'])) {
      // Set session id
      session_id($_POST['session']);

      // Start session with received session id
      session_start();

      /* <<< Freezes at this point. */

      // Check session for available user id
      if (isset($_SESSION['id'])) {
        // Only admins are allowed to execute POST requests
        if ($_SESSION['isAdmin'] == 1) {
          // ... more code ...

I'd of course also use a different method of accessing my API that does not require me to send the current session id, if there is any. Any ideas?

UPDATE:

Look @Neok's comment under my question. That is the solution. Just pointing it out for others that might have the same issue.

  • 写回答

2条回答 默认 最新

  • doulangbizhan5160 2016-02-01 15:00
    关注

    Make sure that php.ini is set to log all errrors

    error_reporting(E_ALL);

    or 

    ini_set('error_reporting', E_ALL);
    评论

报告相同问题?

悬赏问题

  • ¥15 关于#matlab#的问题:在模糊控制器中选出线路信息,在simulink中根据线路信息生成速度时间目标曲线(初速度为20m/s,15秒后减为0的速度时间图像)我想问线路信息是什么
  • ¥15 banner广告展示设置多少时间不怎么会消耗用户价值
  • ¥16 mybatis的代理对象无法通过@Autowired装填
  • ¥15 可见光定位matlab仿真
  • ¥15 arduino 四自由度机械臂
  • ¥15 wordpress 产品图片 GIF 没法显示
  • ¥15 求三国群英传pl国战时间的修改方法
  • ¥15 matlab代码代写,需写出详细代码,代价私
  • ¥15 ROS系统搭建请教(跨境电商用途)
  • ¥15 AIC3204的示例代码有吗,想用AIC3204测量血氧,找不到相关的代码。