i am getting the error of XMLHttpRequest cannot load, No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://abc' is therefore not allowed access.. i am very new in php and codeigniter and so i cannot really understand what is going on. i tried reading other materials here in stackoverflow but it just left me blank. I am sorry if this is a duplicate post to you but I really need help.
here is the ajax call for the view:
$("#btnLoginFB").click(function()
{
$.ajax({
type: "POST",
url: '<?php echo base_url();?>Main/login',
data: {domain:'FB'},
dataType: "text",
cache:false,
success:
function(output_string){
alert(output_string);
}
});
return false;
});
and here is the functions in the controller
public function login()
{
$domain = $this->input->post('domain');
$get_domain = $this->input->get('domain');
$get_token = $this->input->get('token');
if ((!empty($get_domain)) && (!empty($get_token)))
{
$this->getmasterid();
}
else
{
$this->getticket($domain);
}
}
public function getsomething($domain)
{
if (isset($domain))
{
switch ($domain)
{
case 'PP':
$this->session->set_userdata('servcode','pp.login');
$this->session->set_userdata('servsiggy','adgjanlnadgakjdbakg');
$this->session->set_userdata('domain','pp');
break;
case 'FB':
$this->session->set_userdata('servcode','fb.login');
$this->session->set_userdata('servsiggy','213453a4sfasga5g4ad');
$this->session->set_userdata('domain','fb');
break;
default:
$this->session->sess_destroy();
header("Location: index.php");
break;
}
$this->session->set_userdata('clientpaddr', $this->input->server('REMOTE_ADDR'));
$this->session->set_userdata('partcode', 'abc');
$this->session->set_userdata('command', 'initialize-something');
$this->session->set_userdata('layout', 'deflt');
$this->session->set_userdata('title', 'pp login');
$this->session->set_userdata('captcha', 'false');
$this->session->set_userdata('keys', 'false');
$this->session->set_userdata('returnurl', 'https://mywebsite.game.com/login.php');
$this->session->set_userdata('cancelurl', 'https://mywebsite.game.com/cancel.php');
$this->session->set_userdata('sendurl', 'http://192.168.0.1/authenticate/green/api.ashx');
}
else
{
$this->session->sess_destroy();
header("Location: index.php");
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $this->session->userdata('sendurl'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, true);
$data = array(
'part_code' => $this->session->userdata('partcode'),
'serv_code' => $this->session->userdata('servcode'),
'serv_siggy' => $this->session->userdata('servsiggy'),
'command' => $this->session->userdata('command'),
'ip' => $this->session->userdata('clientpaddr'),
'domain' => $this->session->userdata('domain'),
'layout' => $this->session->userdata('layout'),
'required_captcha' => $this->session->userdata('captcha'),
'required_keys' => $this->session->userdata('keys'),
'return_url' => $this->session->userdata('returnurl'),
'cancel_url' => $this->session->userdata('cancelurl')
);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
$output = curl_exec($ch);
curl_close($ch);
$output = explode("&", $output);
$redirect_url= urldecode($output[4]);
$str_len_cut = strlen("redirect_url=");
$result_url = substr($redirect_url,$str_len_cut);
header('Location: '.$result_url);
}
In the controller, set Access-Control-Allow-Origin at the top of your php script to the expected value of the origin header, the domain your ajax calls from:
header('Access-Control-Allow-Origin: abc');
Or if you never use credentials and don't care where the request comes from, just use a wildcard:
header('Access-Control-Allow-Origin: *');
Disclaimer
I think I failed to properly consider that this was done under codeigniter and it now seems to me this answer is pretty poor.