I created a wordpress plugin for calculating costs. The form have only one input-field and a submit button. On submitting the form I'd like to create a ajax request. So, I call the /wp-admin/admin-ajax.php- Url ,but I get the forbidden-Error-Code 403. I thought the entries in the htaccess are wrong, but I get the same error after changing the file and restarting the server.
Do you have any idea what's going on here?
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# admin-ajax.php & post.php skip/bypass rule
RewriteCond %{REQUEST_URI} (admin-ajax\.php|post\.php) [NC]
RewriteRule . - [S=2]
</IfModule>
# END WordPress
It gives 403 forbidden error if you didn't declare that ajax call is allowed.
//allow this particular AJAX function for logged in users
add_action('wp_ajax_myajax', 'myajax');
//allow this particular AJAX function for non-logged in users
add_action('wp_ajax_nopriv_myajax', 'myajax');
function myajax() {
//your code
}
what worked for me was to disable mod sec on the server!
Related
I have a Laravel project and I want my main domain to be redirected to a subfolder IN the public folder, but I don't want the public in the URL.
For example, when I type example.com, I want to be automaticaly redirected to example.com/english.
I know that I can redirect example.com to example.com/public/english like so :
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^(www.)?example.com$
RewriteCond %{REQUEST_URI} !^/public/english/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ public/english/$1 [L]
RewriteCond %{HTTP_HOST} ^(www.)?example.com$
RewriteRule ^(/)?$ public/english/ [L]
</IfModule>
and I can remove the public like so :
<IfModule mod_rewrite.c>
RewriteCond %{REQUEST_URI} !^public/
RewriteRule ^(.*)$ public/$1 [L] #relative substitution
</IfModule>
But how do I combine both ?
First, the difference between redirect and rewrite:
Redirect: Changes URL in browser address bar
Rewrite: URL in browser address bar does NOT change
The [R] flag on a RewriteRule makes it a redirect. Also, if the host changes, it will be a redirect. Otherwise, it is a rewrite.
So perhaps step 1 could be to set what's in the address bar, client-side:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^(www.)?example.com$
RewriteCond %{REQUEST_URI} !^/english/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /english/$1 [R,L]
RewriteCond %{HTTP_HOST} ^(www.)?example.com$
RewriteRule ^(/)?$ /english/ [L]
</IfModule>
But the content does not actually exist there, so now, once the new request comes through, we rewrite that one internally, server-side, to direct the request to the actual location of the content:
<IfModule mod_rewrite.c>
RewriteCond %{REQUEST_URI} !^public/
RewriteRule ^(.*)$ public/$1 [L] #relative substitution
</IfModule>
You should be able to combine that into a single <IfModule> .. </IfModule> code block.
Alongside the R flag, you can indicate if its a permanent or a temporary redirect. By default it will be a permanent redirect (301 status code). I generally test it out using as temporary redirect [R=302], in case of mistake, until I'm confident everything works as expected.
The page flow for the two types differ:
redirect: Client side - (hence the browser's address bar changes)
Browser requests a page
Server responds with a redirect status code
(301: Permanent, 302: Found, 303: See Other, 307: Temporary)
Browser makes 2nd request to the new URL
Server responds to the new URL
rewrite: Server side (hence the browser bar does NOT change)
Browser requests a page
URL Rewrite rewrites the URL and makes request for the updated page
I am using an auth middleware in laravel. If I am calling the routes which does not have middleware('auth:api') then it is working fine But routes under middleware('auth:api') not working.
I have tried to update htaccess file and tried approx all the solutions, but no results.
My Route code is -
Route::group(['middleware' => 'auth:api'], function(){
Route::post('unregistered', 'API\InterestController#getUnregistered');
Route::post('new-campaign-listing','API\CampaignController#new_campaign_list');
Route::post('registered-campaign-listing','API\CampaignController#registered_campaign_list');
Route::get('past-campaign-listing','API\CampaignController#past_campaign_list');
Route::get('getcampaignhistory','API\CampaignController#getCampaignhistory');
Route::post('register-for-campaign', 'API\CampaignController#register');
Route::post('top-campaign-photos', 'API\CampaignController#topPhotos');
Route::get('user-detail', 'API\PassportController#getdetails');
//update profile
Route::post('update-profile', 'API\PassportController#update_profile');
//update profile
Route::post('shared-post-data','API\CampaignController#shared_post_data');
Route::post('vip-campaigns','API\CampaignController#vip_campaigns');
Route::post('vip_client','API\CampaignController#vip_client');
Route::post('add_user_interests', 'API\InterestController#add_user_interests');
Route::get('user-interests', 'API\InterestController#user_interests');
Route::post('update-user-interests', 'API\InterestController#update_user_interest');
//polls
Route::post('polls-for-vote', 'API\PollController#pollsForVote');
Route::post('vote', 'API\PollController#vote');
Route::post('contact-us', 'API\PassportController#contactmail');
Route::get('campaignpostimage','API\PassportController#campaignpostimage');
Route::post('firebase-token', 'API\PassportController#get_token');
//notifications
Route::post('notifications', 'API\InterestController#notifcations');
Route::post('unread_notifications', 'API\InterestController#unreadNotifications');
Route::get('coupons','API\CampaignController#coupons_list');
Route::post('redeem','API\CampaignController#redeem_points');
Route::post('campaign-detail','API\CampaignController#campaign_detail');
Route::get('rewards_history','API\CampaignController#rewards_history');
});
My function in passportcontroller is :
public function getDetails()
{
dd("hello");
}
My htaccess file code is :
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
RewriteEngine On
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# RewriteCond %{HTTP:Authorization} ^(.*)
# RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
Even dd in controller is not printing. means API URL is not working
What is the error message?
Note:You should put the routes inside api.php
Please provide more info about how you are consuming your API?
if you are consuming the API's from different domain (Cross domain) than you will face the CORS issue, in that case you need to add the following package to your laravel application
and if you are on same domain tha you can follow the
documentation.
In my case this
git hub reported issue solved my problem
In my cakePHP v2.* I had a completely working application that does an ajax post to a file in /app/webroot/lib/upload/process.php
I now moved the site to a new server and get a missing controller error when I do the ajax post to the same file. So my first thought would be that somehow mod_rewrite wasn't configured... But the strangest thing is, when I access the file from my browser no error is shown. So only with the ajax call
BTW. I am running the site on an Ubuntu 14.04 server using ISPConfig as management console
The error I get is:
Missing Controller
Error: LibController could not be found.
Error: Create the class LibController below in file: app/Controller/LibController.php
And the ajax script is:
$('#my-upload-form').submit(function() {
$(this).ajaxSubmit(options);
return false;
});
Where the form is:
<form action="/lib/upload/process.php" method="post" enctype="multipart/form-data" id="my-upload-form">
Console:
Request URL:https://www.bukadoo.com/lib/upload/process.php
Request Method:POST
Status Code:404 Not Found
Remote Address:52.37.22.4:443
The .htaccess in the root:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteRule ^$ app/webroot/ [L]
RewriteRule (.*) app/webroot/$1 [L]
</IfModule>
The .htaccess in webroot folder:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php [QSA,L]
</IfModule>
Well in the end it was a server issue. After installing the application on a whole different server things were working fine.
After a long search I found out that I needed to set the settings in ISPConfig from Fast-CGI to Mod-PHP
Google discovered that I'm allowing end users to navigate my content using ajax loading, and is loading my pages as a user client rather than requesting them as new page loads. So instead of trying to index www.mysite.com/page, it's requesting www.mysite.com/?_escaped_fragment_=/page
Which is not at all what I want it to do. My snapshots are served at the same URL as the ajax-loaded content. The site is not using queries, it's not supporting them and I don't want to build that support. This means that all the pages look broken to google which of course is unfortunate!
Currently all page requests are redirected server side using .htaccess sending requests to the index.php file which in turn compiles the html doc on the server before serving to the client. The site serves perfectly valid and unique html documents for all pages. But google insists on doing it the ajax way and adding the query which always returns a broken page.
I'm not a .htaccess expert, but it seems to me that the easiest way to solve this would be to rewrite the request, remove the ?_escaped_fragment_=/ bit and permanently redirect any such requests to what currently works which is to load the pages using their correct url's.
Anyone know how I would go about doing that? Below is the current redirect part of my .htaccess file which needs to be amended with the _escaped_fragment_ stripping code:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteBase /
#if trailing / remove it with a permanent redirect
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]
#if missing www. add it with a permanent redirect
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [L,R=301]
#requests for index.php never rewritten
RewriteRule ^index\.php$ - [L]
#if file or directory are missing, route to index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
This is how I rewrote it so that all ?_escaped_fragment_=/XXXXX requests got redirected to /XXXXX without the query
RewriteCond %{QUERY_STRING} ^_escaped_fragment_=(.*)$
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}%1? [L,R=301]
This makes www.domain.com/?_escaped_fragment_=/somepage redirect (permanently) to www.domain.com/somepage
...which is just what I wanted.
Edit: This is a major edit of my question, based on feedback in the comments, and a bit of reading on meta.stackoverflow.
I've shifted my goals, now my priority is to route top level URLs between Laravel and WP: I no longer seek to share code / databases / user creds, etc.
Question: What rewrite rules do I need to achieve a URL structure like this:
/ // (home) delivered by WP
/content1 // WP
/content(n) // WP
/dashboard // delivered by Laravel
/widgets/mywidget/ // Laravel
all Laravel pages will be in /admin or /widgets, everything else will be handled by WordPress, including 404s
I will keep WP and Laravel completely separate.
My colleague and I will edit WP using Admin accounts, there will be no other WP users
I will manage presentation for the two apps completely separately
I've setup my files as follows, and have tested that each application works independently of one another. (Ie if Laravel's rewrite rules are the only ones in use, Laravel works fine using laravel-index.php)
From the web root: public_html/
/wordpress
/laravel3 // app dir
/css // these are from the laravel public dir
/images //
/js, etc //
/index.php // WP index.php
/laravel-index.php // laravel's index.php
I'm in a shared hosting environment with no access to httpd.conf.
Here is my .htaccess
RewriteEngine On
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^widgets - [L]
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
# Laravel
<IfModule mod_rewrite.c>
RewriteRule !^widgets - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ laravel-index.php/$1 [L]
</IfModule>
In this way:
I can reach my WordPress pages, and
WP serves a WP-404 for unknown URLs, but
/widgets gets a vanilla server 404, whilst
/laravel-index.php/widgets displays the proper content.
An additional problem is that WP Dashboard is stealing requests to /dashboard, which I'd like to redirect to Laravel
Thanks for reading!
For WordPress, you need to send all requests that are not in the widgets or dashboard folders to index.php
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond !^widgets
RewriteCond !^dashboard
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
For Laravel, you need to do the opposite, send ONLY requests that are inside widgets or dashboard to laravel-index.php
# Laravel
<IfModule mod_rewrite.c>
RewriteCond ^widgets
RewriteCond ^dashboard
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ laravel-index.php/$1 [L]
</IfModule>