You are having this problem while doing the ajax request:
Cross-origin request blocked: Same source policy (Same
Origin Policy) prevents the remote resource from being read
link . (Reason: o
CORS 'Access-Control-Allow-Origin' header is not present).
Basically, there is a blockage when an ajax request is made to a different domain from which the script is running. To resolve this problem you must enable access from other domains in your api. At mozilla mdn has some examples of how to allow, from the simplest to the most complete .
A basic solution would be to allow access to anyone by adding a header at the top of each file that can be accessed. More or less like this:
<?php
//acesso a parti de qualquer dominio
header('Access-Control-Allow-Origin: *');
//acesso a partir de um dominio especifico
//header('Access-Control-Allow-Origin: http://dominio.com');
This should solve some of your problems. For a more complete control you can limit which http methods are able to access (GET, POST, PUT, DELETE, etc). In practice you should only return these access control headers when, when the browser makes a request with the HTTP OPTIONS method. So you could do this check like this (in every file, or on your front controller):
if($_SERVER['REQUEST_METHOD'] == "OPTIONS") {
//dominios permitidos, use * para permitir qualquer um
header('Access-Control-Allow-Origin: http://dominio.com');
//metodo http permitidos
header('Access-Control-Allow-Methods: POST, GET, OPTIONS');
header("Content-Length: 0");
header("Content-Type: text/plain");
exit(0);
}
