403 禁止提交表单
我有一个 url 由于某种未知原因而返回 403 禁止。我已禁用 .htaccess 中的 mod_security,将文件修改为 0777。 URL 为
http ://www.veepiz.com/afrostar.php?app=help&func=addvideo
当您提交表单时会发生任何想法吗?
这是代码
function PublicAddVideo()
{
if (isset($_POST['submit_addvideo']))
{
require_once("class.phpmailer.php");
//send email tobirthday person
$subject="New AfroStar Video Suggested";
$msg = "Dear Jordah,\n".
"Youtube video: ".$_POST['youtubesle']."\n Star Name: ".$_POST['starnamesle']."\n Country: ".$_POST['countrysle']."\n IP Address: ".getRealIpAddr();
$mail = new PHPMailer();
$mail->IsSMTP(); // set mailer to use SMTP
$mail->Host = "localhost"; // specify main and backup server
$mail->SMTPAuth = true; // turn on SMTP authentication
$mail->Username = "[email protected]"; // SMTP username
$mail->Password = "********"; // SMTP password
$mail->From = "[email protected]";
$mail->FromName = "Veepiz";
$mail->AddAddress('[email protected]',"Jordah Ferguson");
$mail->AddReplyTo("[email protected]", "Veepiz");
$mail->WordWrap = 50; // set word wrap to 50 characters
$mail->IsHTML(true); // set email format to HTML
$mail->Subject = $subject;
$mail->Body = nl2br($msg);
$mail->AltBody = $msg;
if(!$mail->Send())
{
}
?>
<div style='color:green;'>Admins at veepiz.com have been notified of your request and will update afrostar application accordingly.<div align='center' style='padding:10px'> <a href='afrostar.php' onclick="return getPage('afrostar_class.php',{});" class='btn'>Back to AfroStars</a></div></div>
<?php
} else
{
$this->DisplayHeader("Add African Video");
?>
<script language="javascript">
var checkHelpVars=function ()
{
err='';
if ($('#starnamesle').val().length==0) err+="Please type in the name of the star";
if ($('#countrysle').val().length==0) err+="\nName of the country missing";
if ($('#youtubesle').val().length==0) err+="\nYoutube url missing";
var url=$('#youtubesle').val();
var matches = url.match(/^http:\/\/(?:www\.)?youtube.com\/watch\?(?=.*v=[\w-]+)(?:\S+)?$/);
if (matches) {
} else {
err +="\nInvalid Youtube Url";
}
if (err.length>0)
{
alert(err);
return false;
}
<?php
if (isloggedin())
{
echo "return postPage('afrostar_class.php?app=help&func=addvideo',{starnamesle:$('#starnamesle').val(),countrysle:$('#countrysle').val(),youtubesle:encodeURI($('#youtubesle').val()),submit_addvideo:1});";
} else
{
echo "return true;";
}
?>
}
</script>
<form id='helpform' method="POST" action="http://www.veepiz.com/afrostar.php?app=help&func=addvideo">
<table cellpadding="2" cellspacing="3">
<tr>
<td><b>Africa Artist Name:</b></td>
<td><input id='starnamesle' type="text" style='' name='starnamesle' style='-webkit-border-radius: 8px;-moz-border-radius: 8px;border-radius: 8px;width:450px'/></td>
</tr>
<tr>
<td><b>Country:</b></td>
<td><input id='countrysle' type="text" style='' name='countrysle' style='-webkit-border-radius: 8px;-moz-border-radius: 8px;border-radius: 8px;width:450'/></td>
</tr>
<tr>
<td><b>Youtube link:</b></td>
<td><input id='youtubesle' type="text" style='' name='countrysle' style='-webkit-border-radius: 8px;-moz-border-radius: 8px;border-radius: 8px;width:450'/><br/>Example:<small style='font-size:8pt;color:#666666'>http://www.youtube.com/watch?v=vJyftjMOd2w</small></td>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit" class="btn" onclick="return checkHelpVars();" name='submit_addvideo' value="Finish"></td>
</tr>
</table>
</form>
<?php
$this->DisplayFooter();
}
}
I have a url that returns 403 forbidden for some unknown reason. i have disable mod_security in .htaccess, chmodded file to 0777. The URL is
http://www.veepiz.com/afrostar.php?app=help&func=addvideo
it happens when u submit the form any ideas?
here is the code
function PublicAddVideo()
{
if (isset($_POST['submit_addvideo']))
{
require_once("class.phpmailer.php");
//send email tobirthday person
$subject="New AfroStar Video Suggested";
$msg = "Dear Jordah,\n".
"Youtube video: ".$_POST['youtubesle']."\n Star Name: ".$_POST['starnamesle']."\n Country: ".$_POST['countrysle']."\n IP Address: ".getRealIpAddr();
$mail = new PHPMailer();
$mail->IsSMTP(); // set mailer to use SMTP
$mail->Host = "localhost"; // specify main and backup server
$mail->SMTPAuth = true; // turn on SMTP authentication
$mail->Username = "[email protected]"; // SMTP username
$mail->Password = "********"; // SMTP password
$mail->From = "[email protected]";
$mail->FromName = "Veepiz";
$mail->AddAddress('[email protected]',"Jordah Ferguson");
$mail->AddReplyTo("[email protected]", "Veepiz");
$mail->WordWrap = 50; // set word wrap to 50 characters
$mail->IsHTML(true); // set email format to HTML
$mail->Subject = $subject;
$mail->Body = nl2br($msg);
$mail->AltBody = $msg;
if(!$mail->Send())
{
}
?>
<div style='color:green;'>Admins at veepiz.com have been notified of your request and will update afrostar application accordingly.<div align='center' style='padding:10px'> <a href='afrostar.php' onclick="return getPage('afrostar_class.php',{});" class='btn'>Back to AfroStars</a></div></div>
<?php
} else
{
$this->DisplayHeader("Add African Video");
?>
<script language="javascript">
var checkHelpVars=function ()
{
err='';
if ($('#starnamesle').val().length==0) err+="Please type in the name of the star";
if ($('#countrysle').val().length==0) err+="\nName of the country missing";
if ($('#youtubesle').val().length==0) err+="\nYoutube url missing";
var url=$('#youtubesle').val();
var matches = url.match(/^http:\/\/(?:www\.)?youtube.com\/watch\?(?=.*v=[\w-]+)(?:\S+)?$/);
if (matches) {
} else {
err +="\nInvalid Youtube Url";
}
if (err.length>0)
{
alert(err);
return false;
}
<?php
if (isloggedin())
{
echo "return postPage('afrostar_class.php?app=help&func=addvideo',{starnamesle:$('#starnamesle').val(),countrysle:$('#countrysle').val(),youtubesle:encodeURI($('#youtubesle').val()),submit_addvideo:1});";
} else
{
echo "return true;";
}
?>
}
</script>
<form id='helpform' method="POST" action="http://www.veepiz.com/afrostar.php?app=help&func=addvideo">
<table cellpadding="2" cellspacing="3">
<tr>
<td><b>Africa Artist Name:</b></td>
<td><input id='starnamesle' type="text" style='' name='starnamesle' style='-webkit-border-radius: 8px;-moz-border-radius: 8px;border-radius: 8px;width:450px'/></td>
</tr>
<tr>
<td><b>Country:</b></td>
<td><input id='countrysle' type="text" style='' name='countrysle' style='-webkit-border-radius: 8px;-moz-border-radius: 8px;border-radius: 8px;width:450'/></td>
</tr>
<tr>
<td><b>Youtube link:</b></td>
<td><input id='youtubesle' type="text" style='' name='countrysle' style='-webkit-border-radius: 8px;-moz-border-radius: 8px;border-radius: 8px;width:450'/><br/>Example:<small style='font-size:8pt;color:#666666'>http://www.youtube.com/watch?v=vJyftjMOd2w</small></td>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit" class="btn" onclick="return checkHelpVars();" name='submit_addvideo' value="Finish"></td>
</tr>
</table>
</form>
<?php
$this->DisplayFooter();
}
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(7)
检查您的帖子数据,如果其中包含任何网址,则有可能在服务器中被阻止。
您应该替换您提交的网址中的某些字符,然后您需要在发布时转换回其原始形式。
Check your post data, if it contains any url then there are chances to get blocked in server.
you should replace certain characters in the url you are submitting then you need convert back to its original form on post.
我的解决方案:
My solution:
我意识到我为 Countrysle 定义了两次名称......所以我将其更改为这个,现在它可以工作[在表单内]
i realised i had name defined twice for countrysle.... so i changed it to this and now it works[within form]
您需要在遇到问题的字段的输入标记中添加
type= "text"属性。还可以尝试在表单属性中使用method= "post"而不是 get,这也可能导致此问题。You need the
type= "text"attribute in your input tag of the field you are having the problem with. Also try and usemethod= "post"in the form attributes rather than get which can also cause this problem.对于其他为此苦苦挣扎的人来说,绝对值得按照其他人的建议检查
$_POST全局。就我而言,由于我的无知,我的问题是我正在从我的 JS 发出
fetch()请求。我print_r我的全局变量,但里面什么也没有。我发现这很奇怪,因为传出请求中的有效负载包含我需要的所有数据,并且还指定它是一个 POST 请求。我过去曾使用过 AJAX,但在本例中不想使用 jQuery,因为它只是针对这一请求。
对于像我这样的情况并且想要使用
fetch()对 PHP 脚本执行POST请求的人来说,使用 FormData() 接口。For anyone else struggling with this, it's definitely worth checking the
$_POSTglobal as other people have recommended.In my case, in my ignorance, my issue was that I was making a
fetch()request from my JS. Iprint_r'd my globals and there was nothing in them. I found it rather strange given that the payload in the outgoing request had all of the data that I needed and had also specified that it was aPOSTrequest.I have used AJAX in the past but did not want to use jQuery in this instance as it would simply be for this one request.
For anyone in my situation and wanting to use
fetch()to do aPOSTrequest to a PHP script, it is vital to use the FormData() interface.令人难以置信的是,我发现如果我将帖子字符串从“空白表单网页”更改为“空白网页”,即省略技术词“表单”,表单将发布文本,而服务器不会抛出“禁止”消息! !
Incredibly, I found that if I changed the post string from 'blank form webpage' to 'blank webpage', i.e. omitting the technical word 'form', the form would post the text without the server throwing up a 'Forbidden' message!!!