2

I am trying to do a http request to a php file on my server. My code i am using at the moment is as follows:

App.controller('GetSales', ['$scope', '$http', function ($scope, $http) {

        $http({
            method: 'POST',
            url: '/app/controller/apis/_sales.php?period_start=2015-07-01&period_end=2015-07-31&join=leads&status=0&category=0user=1'
        })
        .success(function (data) {
            $scope.sales = data;
        });
}]);

Isnt there a better way to do this? When i add these var as data it doesnt get posted to my page?

data: {
            period_start: '2015-07-01',
            period_end: '2015-07-31',
            join: 'leads',
            status: '',
            category: '',
            user: '1'
        };

In php i get the data like this, its also sanitized for security reason: 

$user = filter_var($_REQUEST['user'], FILTER_SANITIZE_NUMBER_INT);
$period_start = $_REQUEST['period_start'].' 00:00:00';
Improve this question
4
  • My answer has been updated this is using the incorrect API for accessing AngularJS. See my demo and link to the Angular Docs for $http. This is using the jQuery style but with Angular, wont work. Commented Jul 12, 2015 at 17:20
  • Your problem is not client side at this point, I am extending my answer below Commented Jul 12, 2015 at 19:52
  • Well am sitting on this already like "forever" and i cant figure out what am missing? Commented Jul 12, 2015 at 19:57
  • I just added your fix, its the type of input your expecting. Use json_decode( file_get_contents('php://input') ); instead of $_POST for Angular data code example has been edited Commented Jul 12, 2015 at 20:09

2 Answers 2

Reset to default
0

At first sight you are tryng to call an HTTP POST service, but you send parameter like it was a GET service, try something like that:

App.controller('GetSales', ['$scope', '$http', function ($scope, $http) {
    $http.post('/app/controller/apis/_sales.php',
        {
            period_start: '2015-07-01',
            period_end: '2015-07-31',
            join: 'leads',
            status: '',
            category: '',
            user: '1'
        })
        .success(function (data) {
            $scope.sales = data;
        })
        .error(function (data, status) {
            console.log(status);
        });
Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

i tried this already but it doesnt work! Also you have some error in your code!
yes I forgot the semicolon, but the problem I think is in the PHP server side. Put an error clause to the $http service calll and catch the error
funny its not trowing any error but return "null"...?
not working... i dont understand because with the regular get request i get my required data?
I don't know, does your REST server permit the post for that action? Try to make a simple POST request with a basic HTTPRequester. I thjink your action does not permit post!
0

I would use json_decode( file_get_contents('php://input') ) on your serverside. Also, please don't forget to sanitize your user sent data!

var dataParams = {
            period_start: '2015-07-01',
            period_end: '2015-07-31',
            join: 'leads',
            status: '',
            category: '',
            user: '1'
};
App.controller('GetSales', ['$scope', '$http', function ($scope, $http) {
        $http.post('/app/controller/apis/_sales.php', dataParams)
        .success(function (data) {
            $scope.sales = data;
        });
}]);

You will want to watch ever using the variable data as it will most likely collide with another variable, such as in your demonstration where you have named your post params as data while the return response is also aliased as data in the $.post success. This may not cause an issue in this case - but it usually will, so I renamed it for you out of habit.

Your server side could look something like this depending on what your usernames strings consist of:

public static function sanatize_client_string($dirtyString){
                    $cleanString = htmlspecialchars(strtolower(preg_replace("/[^a-z]+/i", "[FORBIDDEN_CHAR]", $dirtyString)));
                    return $cleanString;
                }

$client_data = sanatize_client_string(json_decode( file_get_contents('php://input')));

Now you can access the username like:

echo $client_data['user']; // Will echo 1 based on the post data you are sending

This is what a simple serverside data-router could look like, as using normal $_POST has never worked for Angular data for me either:

    /**
    * Collect all Angular HTTP Request data
    */
    $client_data = json_decode( file_get_contents('php://input') );

    $app_state = utils::sanatizeClientString($client_data->appState); // <- name of prop must match client angularPostObj.x = serverModel.x

    /**
    * Cache the view path to the model
    */   
    $module_exists_in_model = isset($app['view_data']['views'][$app_state]);

    /**
     * If the angular post request matches data in the model, return the requested dataset, while if no object is found 
     * under that address, the error object will be returned which will send and error data to the view. 
     * 
     * This error condition will never happen aside from an attack because the clientside AngularJS router would prevent any 
     * unregistered paths from being even sent to the server. This would happen using a post mocking service or by 
     * forcing the string change in the code inspector while using the site.
     */
    $module_exists_in_model ?
        $view_model = $app['view_data']['views'][$app_state] : 
        $view_model = $app['view_data']['views']['error'];

    // Call the view from Angular post data, passing it to a Class that sends a response as valid JSON

    Render_app::echo_json($view_model);

I was informed of this by: http://www.cleverweb.nl/javascript/a-simple-search-with-angularjs-and-php/ and How to post a data in Angular?.

The point is... use $client_data = json_decode( file_get_contents('php://input') ); instead of $client_data = $_POST['username'];

Improve this answer

4 Comments

i tried this already but it doesnt work! Also you have some error in your code!
Sorry your jquery like syntax through me off, your right it was the improper way to call angular $http.post. Refer to this doc when using $http for angular docs.angularjs.org/api/ng/service/$http
Basically your demo has 2 issues, one is that you tried sending use $post as a query string which is 'get style' as @marianoc84 stated, and your code is using a jQuery style api to access angular $http service - which I fell for as well. Easy to mixup, hope that code works for ya!
Now the added 3rd issue of the server intercepting the client sent post data is fixed. Its not normal post data, its Angular post data and it comes through in an object. Try echo $client_data and you should see an object containing your props and values you sent from the client side

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.