Sunday, 1 October 2017

cURL POST with _token still gets "Illuminate\Session\TokenMismatchException" on Laravel

I am using two PHP frameworks now: one is laravel-5, the other is self-developed. In one .php file of my own framework, I need to call an API on Laravel, so I use cURL to send a POST request.

Calling code:

$ch = curl_init(); // create the cURL handle (missing from the original snippet)
$postfields = array(
            '_token' => $this->request['token'], // this is received from the view in laravel
            'product_ids' => $this->request['productIds']);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, 0);
// curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// Note: the next two options turn off TLS certificate and host name verification.
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($postfields)); // form-encoded body: _token and product_ids
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
curl_exec($ch);
curl_close($ch);

I took care to use '_token' specifically, but I still got an exception in the log, as follows:

local.ERROR: exception 'Illuminate\Session\TokenMismatchException' in /a/www/zhihui-manager/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php:53
Stack trace:
#0 [internal function]: Illuminate\Foundation\Http\Middleware\VerifyCsrfToken->handle(Object(Illuminate\Http\Request), Object(Closure))
#1 /a/www/zhihui-manager/vendor/illuminate/pipeline/Pipeline.php(124): call_user_func_array(Array, Array)
#2 /a/www/zhihui-manager/vendor/illuminate/view/Middleware/ShareErrorsFromSession.php(49): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#3 [internal function]: Illuminate\View\Middleware\ShareErrorsFromSession->handle(Object(Illuminate\Http\Request), Object(Closure))
#4 /a/www/zhihui-manager/vendor/illuminate/pipeline/Pipeline.php(124): call_user_func_array(Array, Array)
#5 /a/www/zhihui-manager/vendor/illuminate/session/Middleware/StartSession.php(62): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#6 [internal function]: Illuminate\Session\Middleware\StartSession->handle(Object(Illuminate\Http\Request), Object(Closure))
#7 /a/www/zhihui-manager/vendor/illuminate/pipeline/Pipeline.php(124): call_user_func_array(Array, Array)
#8 /a/www/zhihui-manager/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(37): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#9 [internal function]: Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse->handle(Object(Illuminate\Http\Request), Object(Closure))
#10 /a/www/zhihui-manager/vendor/illuminate/pipeline/Pipeline.php(124): call_user_func_array(Array, Array)
#11 /a/www/zhihui-manager/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(59): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#12 [internal function]: Illuminate\Cookie\Middleware\EncryptCookies->handle(Object(Illuminate\Http\Request), Object(Closure))
#13 /a/www/zhihui-manager/vendor/illuminate/pipeline/Pipeline.php(124): call_user_func_array(Array, Array)
#14 /a/www/zhihui-manager/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/CheckForMaintenanceMode.php(44): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#15 [internal function]: Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode->handle(Object(Illuminate\Http\Request), Object(Closure))
#16 /a/www/zhihui-manager/vendor/illuminate/pipeline/Pipeline.php(124): call_user_func_array(Array, Array)
#17 [internal function]: Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#18 /a/www/zhihui-manager/vendor/illuminate/pipeline/Pipeline.php(103): call_user_func(Object(Closure), Object(Illuminate\Http\Request))
#19 /a/www/zhihui-manager/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(122): Illuminate\Pipeline\Pipeline->then(Object(Closure))
#20 /a/www/zhihui-manager/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(87): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter(Object(Illuminate\Http\Request))
#21 /a/www/zhihui-manager/public/index.php(54): Illuminate\Foundation\Http\Kernel->handle(Object(Illuminate\Http\Request))
#22 {main}

So I changed the "post" request to "get" and used

header("Location:" . $url . http_build_query($postfields));

Then everything goes well.

But I'm afraid the query fields will expand in the future, so I prefer to use "post" and use CSRF to guarantee security.

What's the reason for the exception? Thanks in advance.
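
Why a correct `_token` can still be rejected, as an added example that is not part of the original question and not Laravel's source: a simplified model of a session-bound CSRF check. The function names and the in-memory session store are assumptions made for illustration.

```php
<?php
// Simplified model of a session-bound CSRF check (constructed for
// illustration; hypothetical names, not Laravel's implementation).

$sessions = []; // server-side store: session id => ['_token' => ...]

// Start or resume a session, as a session middleware does on every request.
function startSession(array &$sessions, ?string $cookie): string
{
    if ($cookie !== null && isset($sessions[$cookie])) {
        return $cookie;                      // known cookie: resume that session
    }
    $id = bin2hex(random_bytes(16));         // no or unknown cookie: new session
    $sessions[$id] = ['_token' => bin2hex(random_bytes(20))];
    return $id;
}

// Accept a POST only if the submitted _token equals the token stored in the
// session that this request's cookie resolves to.
function verifyCsrf(array &$sessions, ?string $cookie, string $submitted): bool
{
    $id = startSession($sessions, $cookie);
    return hash_equals($sessions[$id]['_token'], $submitted);
}

// 1. The browser loads the view: it receives a session cookie, and the
//    session's token is rendered into the page.
$browserCookie = startSession($sessions, null);
$formToken     = $sessions[$browserCookie]['_token'];

// 2. A backend cURL POST sends that _token but no session cookie, so the
//    server starts a fresh session whose token differs from the one sent.
$curlAccepted = verifyCsrf($sessions, null, $formToken);

// 3. The same POST made inside the browser's own session.
$browserAccepted = verifyCsrf($sessions, $browserCookie, $formToken);

printf("cURL POST without session cookie: %s\n", $curlAccepted ? 'accepted' : 'rejected');
printf("POST within the browser session:  %s\n", $browserAccepted ? 'accepted' : 'rejected');
```

The token is only meaningful together with the session it was issued for, which is what lets the check tell a form submitted from the user's own page apart from a request that merely knows the field name.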



from Newest questions tagged laravel-5 - Stack Overflow http://ift.tt/2xQyUn9