I'm trying to fetch data from a SOAP API using Javascript and a simple PHP proxy. When I go to the testing site and manually plug in the parameters I get the correct response. However, when I use the following script, I just get the html of the default testing page, no actual data from the API.
$.ajax({
url: 'proxy.php',
data: {requrl: 'http://rc.api.sitexdata.com/sitexapi/sitexapi.asmx?op=AddressSearch&' + $.param(requestData) },
})
.done(function(data) {
console.log(data);
});
proxy.php
<?php
$file = file_get_contents($_GET['requrl']);
echo $file;
?>
I don't really see anything in your code that has anything to do with SOAP. You pass a URL to a php endpoint that fetches the file contents of a remote file. That's not SOAP.
Technicality aside, does accessing proxy.php through a browser produce different results than what the ajax call produces? If not, I would double check your documentation on the SOAP call to ensure you're making the call correctly. If the problem is only occurring when you use ajax, you are probably just missing the dataType and contentType settings.
This link may be useful. JQuery AJAX Consume SOAP Web Service
Related
I got a URL from a ecommerce website and when i access it i get all the last 5 products that i've visited in their site. I don't know how it works, i guess it's because of the cookie that this ecommerce website have left in my browser.
I would like to use this URL to show in my website something like this: "The Last 5 Products You Have Seen at X Ecommerce Website".
But to do that this URL must be executed in somehow in the client side and i will still need to get the JSON content returned by this URL.
Is there exist anyway to do that by using PHP or any other web technology?
Thank you!
It might be cookies, localStorage (there are other APIs to save data on local computer, imo they are unused or deprecated e.g. openDatabase) or last views could be connected with account and saved on internal database.
You should use AJAX, but by default in browser mechanism called CORS blocks all requests coming from other domain than resource.
In PHP you can download external page using file_get_contents function or cURL library, but without localStorage/cookies (which can be accessed from JS executed on domain, where that cookies are saved).
AJAX is your option for client side requests. Here's the jQuery guide for it.
https://api.jquery.com/jquery.ajax/
Here's a quick example:
$.ajax({
url: "http://ecommerce.com/your/url/here",
method: 'get',
dataType: 'json', //if you're sure its returning json you can set this
success: function(data) {
//handle success json here
//be sure that you're going to receive json though, possibly could receive some other data type and you should handle appropriately
},
error: function(error) {
//handle error json here
}
});
I am creating an application, that accepts a ajax call (jquery) and returns the validated user an entry token to the website.
Say for example the ajax is called checkAuth.php and there are all the other php files in this directory. By changing the JS to validate another file like checkMail.php for example:
var xmlRequest = $.ajax({
url: "checkAuth.php",
processData: false,
data: xmlDocument
});
change the url to checkMail.php and create a vulnerability in the site?
var xmlRequest = $.ajax({
url: "checkMail.php",
processData: false,
data: xmlDocument
});
Although the result would return a different object but by doing so would this create an "open door" perhaps where the malicious user would keep sending requests in order to gain access? I understand that the user would have to know that the php file exists however I am unsure how to process this securely whilst maintaining my directory structure.
Please note this is not my actual code and I cant clarify the answer with these other posts or I am not understanding this correctly.
Edit: In addition - would this mean that any site using jquery would be able to ajax request any file from the server and create a vulnerability?
How to authenticate an AJAX request to a PHP file?
Question regarding Ajax Hacking
Ajax Security questions
How to send secure AJAX requests with PHP and jQuery
In general, any AJAX request can access all files which accessible via http request like as user types full URL as the browser address.
So, you have to check security token or something else in the begining of PHP-scripts.
You can restrict access to folders or files using .htaccess, see https://stackoverflow.com/a/11729748/3325396
I am trying to get a CSV file from the following URL (http://s3.amazonaws.com/misc-ww/data.csv) and parse the data in this file on the fly. What I am trying to achieve by parsing the data in the file is important, feel free to look at the file if you wish to make suggestions on it; however my current problem lies in getting the data in the file itself. When using either XMLHttpRequest, or an Ajax call, or a JSONP call; the response is always returning with error. Meaning that the file for some reason cannot be accessed.
After researching for a few hours, I am sure this has got to do with some kind of security restriction (cross domain request), sadly I have not come any closer to understanding how to get around it. For sample purposes I have created a jsFiddle highlighting my attempt at retrieving the CSV file via an AJAX JSONP call (code seen below).
HTML
<button>Click me to get the CSV File</button>
Javascript
function getCSV() {
$.ajax({
url: "http://s3.amazonaws.com/misc-ww/data.csv",
type: 'get',
dataType: 'jsonp',
success: function(data) {
alert("Success: " + data);
},
error: function(jqXHR, textStatus, errorThrow){
alert("Error: " + jqXHR['responseText']);
}
});
}
$('button').click(function() {
getCSV();
});
My main goal is to be able to achieve this via Javascript alone, however I do welcome any answers that involve jQuery. I am aware of javascript frameworks that could allow this to work for me, but in my case I need to code without them.
You cant really bypass CORS with JSONP calls if server doesn't support them. Its more the way server don't have to set "Access-Control-Allow-Origin: *" header. Instead server can send respond inside callback function to bypass straight JSON response. So your problem is that you .csv file is not wrapped inside a callback function.
So server which supports JSONP and gets ?callback=cbFunc it will print:
cbFunc('here is my file content')
Now you are asking .csv file and server is sending it without wrapping it to callback function. That's why you end up with security restriction.
Long story short: You cant get file via AJAX JSONP like that because s3.amazonaws.com does not support JSONP.
here is nice explanation about JSON and JSONP: http://json-jsonp-tutorial.craic.com/index.html
Sorry about repeating myself.
I want a code for how to parse xml data , which is comming from restfull webservices.
Please send code for how to call restfull webservices URL from javascript and this URL contains XML data . I want to read this xml data from javascript.
Thank U.
You can't grab data from another server using JavaScript, it's a security issue.
You can however create a server-side script which returns the XML required. Once you've done that, check out this very helpful article that walks through step by step of using jQuery to parse the XML
http://think2loud.com/224-reading-xml-with-jquery/
You can pass/get xml type through Jquery Ajax call. Two important things to be considered while passing the data as xml
Specifying the datatype as "xml"
Specifying the contentType as "text/xml; charset=\"utf-8\""
You can check out this article for calling your web service through java script and manipulating the data.
http://sharepoint-snippets.com/ajax-calls-sharepoint-web-services-using-jquery/
you can also check for various parameters used in Ajax call
http://api.jquery.com/jQuery.ajax/
I am creating a facebook wall (stream) look-a-like to put on my site.
This component will read all posts from a specific page`s wall and display them, via the graph api.
I also want the user to be able to LIKE the posts displayed on the "wall".
What I have so far is a script that uses the graph api to get the JSON list of posts and I also have a PHP file that can LIKE a post who`s ID is submitted in the post_id query string parameter, and this does work. I see the LIKE is submitted.
To call this PHP file I use jQuery ajax:
function do_likes(post_id) {
$.ajax({
type: "POST",
url:"http://www.p-art.co.il/facebook_test/action.php?post_id=" + post_id
});
Firebug doesn't show any error, but on the other hand, the LIKE is not posted.
I have been searching for several hours, but I can't find the correct way to call the PHP file, in order for the FB.api call to work.
Thank you in advance.
-Elad
With a HTTP POST, data is normally sent from form inputs with the enctype set to application/x-www-form-urlencoded format. So with an AJAX POST, we would usually send data in this format also and not as a query string parameter, which is how data is usually sent with a HTTP GET request and how you are sending data above.
if you change your code to
function do_likes(post_id) {
$.ajax({
type: "POST",
url:"http://www.p-art.co.il/facebook_test/action.php",
data : { post_id : post_id }
});
}
it should work as expected (I'm not familiar with PHP but I assume that the URL you're posting to expects data in application/x-www-form-urlencoded format). with jQuery.ajax(), if you set the data object to the key/value pairs that you want to send to the server, jQuery will take care of providing the correct enctype for you based on the HTTP request type you are using (you can override the enctype if necessary, but usually this is not required and the defaults will be what you need in the majority of cases).
Also, you may want to set a callback function to be called after the AJAX post has successfully completed. To do this add a success property to the object passed to the $.ajax() call.
It's hard to tell without seeing the source code for your action.php file but I'm guessing its not getting the users access token correctly due to it being called via AJAX.
If you can post your action.php source somewhere I should be able to help some more