Click here to Skip to main content
15,844,903 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
I have created a signup.php file as back end API, the problem now is how do I call this file on my flutter app(registration page)? I am getting cors issue. Maybe I am missing some steps. Please advice because I can't use locahost:port number as apiUrl to my flutter - it's throwing some errors cors blocked.

What I have tried:

@author:Gcobani Mkontwana
@This application uses cors for allowing application to run.
@This app sign up users and sign them to the database table.

header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json; charset=UTF-8");

// Database connection
$servername = "localhost";
$username = "agile_log_admin";
$password = "*****";
$dbname = "agile_logistix_mobile";

try {
    $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);

    // Handle POST data
    $data = json_decode(file_get_contents("php://input"));

    $username = $data->username;
    $email = $data->email;
    $password = $data->password;

    // Perform the database query (replace 'users_registration' 
    // with your table name)
    $stmt = $conn->prepare("INSERT INTO users_registration (username, email, password) VALUES (:username, :email, :password)");
    $stmt->bindParam(':username', $username);
    $stmt->bindParam(':email', $email);
    $stmt->bindParam(':password', $password);

    if ($stmt->execute()) {
        echo json_encode(array("message" => "Registration successful"));
    } else {
        echo json_encode(array("error" => "Registration failed"));
} catch (PDOException $e) {
    echo json_encode(array("error" => "Database error: " . $e->getMessage()));
Updated 13-Sep-23 8:34am
Richard Deeming 14-Sep-23 6:17am    
You are storing your users' passwords in plain text. Don't do that!
Secure Password Authentication Explained Simply[^]
Salted Password Hashing - Doing it Right[^]

PHP even provides built-in functions to help you do the right thing:
PHP: password_hash[^]
PHP: password_verify[^]

1 solution

One possible solution would be to configure CORS by placing a .htaccess file in your PHP base directory and configure the CORS headers in there, as such:
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Headers "origin, content-type"
Header set Access-Control-Allow-Methods "DELETE, GET, OPTIONS, POST, PUT"

What this does is:

1) Tells Apache to accept HTTP requests from any domain
2) Tells Apache to allow the origin and content-type headers cross-origin
3) Tells Apache to accept all HTTP methods for requests

You can also configure this directly within Apache, I recommend Googling how to do that.
Share this answer

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900