I using CakePHP with Backbone.JS, I set up a controller just to give me a JSON output for getting my data, e.g. client names etc, to pass into each Backbone model.
This was all working, or appeared to be, however, it seems that it now gives me some random 403 errors when the page / from is saved or reloaded. But I have no idea why? If it can access it to start with, and does, then why would it not have access after a save or reload?
I have tried, $this->Auth->allow and it dose appear to fix the problem but this data is or could be important and need it not to be access my everybody who might guest at my access path.
Now I have read a number of articles on her, most point to read/write access on the files your accessing, but in my case its just a path /XXXX/XXXXX/myjson/clients For example.
Now I can post my code, if needed, but I am not sure what the problem is, is this a CakePHP issue or is Backbone not requesting the data right?
Please be aware that I am dyslexic, please be kind about my question, if I have not explained myself right. Then please be me some time to re-word / edit my post.
Thanks,
For any one else looking at this, I had added autoRegenerate to the Configure Write Session. For some reason it looks like CakePHP was taking to long to regenerate a new cookie and request my information at the same time.
Related
I'm not entirely sure I am asking the question correctly but here goes.
I am trying to view customer data via the REST service. I've gotten the login and and can view the servlet(Response as HTML), atleast i thought it was the servlet, i just realized its just the path to the servlet/start.
I think what I am seeing is just the hardcoded HTML messages that get viewed depending on customer data. Viewing as JSON doesn't work either i get "The content you are trying to view cannot be viewed as JSON"
I'm sorry I don't know enough to ask this properly
Well, it was a n00b mistake. I didnt call the action prior to loading the page so there was no data to ever load.
Here's the "long story short" version of my issue:
I have this newsletter/subscription form that triggers the wp-admin/admin-ajax.php file, however the form wasn't working when I wasn't logged into Wordpress.
Turns out, the admin-ajax.php file has a 302 going against it.
I have already seen/tested previous resolutions of this problem (namely this one and that one), however none of them were helpful.
I searched throughout my theme files for any related "wp-admin" protections, I didn't find anything.
I modified and deactivated both WP Better Security and W3C (as well as various other plugins), nothing changed.
I changed/removed the htaccess, nothing changed.
I'm kind of getting frustrated with this issue.
At this point, I know there's somewhere in my code something blocking access to admin-ajax.php for "outsiders," however I can't figure out where.
It's either something protecting my admin folder and/or something protect admin-ajax.php.
Any ideas?
Help would be much appreciated.Thanks in advance!
Ok, the problem here is that Wordpress uses two different hooks for ajax. It uses one for admin side, and one for logged out user. My guess is that your form is not using the latter.
Have a look at the two:
add_action('wp_ajax_my_action', 'my_action_callback');
add_action('wp_ajax_nopriv_my_action', 'my_action_callback');
From Wordpress Codex:
Since WordPress 2.8, there is a hook similar to wp_ajax_(action):
wp_ajax_nopriv_(action) executes for users that are not logged in. So,
if you want it to fire on the front-end for both visitors and
logged-in users, you can do this:
add_action('wp_ajax_my_action', 'my_action_callback');
add_action('wp_ajax_nopriv_my_action', 'my_action_callback');
See here: http://codex.wordpress.org/AJAX_in_Plugins
I am developing a website using Microsoft MVC3, and have built it upon the default MVC3 Application template. It accesses an external database and works on localhost.
I have deployed it to a shared server I rent from storminternet via the publish tool using ftp method (storminternet do not yet support web deploy), and it runs well. It accesses the database okay and get requests work fine.
However, any form that submits via POST protocol returns page not found error 404 (this is on actions where I have asserted [HttpPost]).
Storm internet assure me that POST and GET are allowed by default, and since the helpdesk are not developers, I'm unsure who to turn to. I don't have an excellent understanding of web.config, although I can read and understand xml and see what's going on by reading through and googling. I have tried adding the protocols to the root web.config, and I think I might be barking up the wrong tree.
Has anyone else had this problem, or might anyone know how to help me?
To replicate my error, my site is here... 213.229.125.117/$sitepreview/ase-limited.com/Dev (sorry it isn't blue. The dollar gets parsed to % something)
and the quickest route to a POST request is to click 'Add Building' at the top of the left-hand side and then click 'Save' at the top of the dialogue box.
Any help will be gratefully received. I've been stuck on this for days without luck.
Best Regards
Nick
STOP-PRESS-STOP-PRESS-STOP-PRESS-STOP-PRESS-STOP-PRESS-STOP-PRESS-STOP-PRESS-
It turned out to be a known issue with sitepreview. Switching to the proper domain sorted everything.
I have noticed that you have some 404 javascript errors when performing your AJAX requests. For example you have a request to:
http://213.229.125.117/$sitepreview/ase-limited.com/BuildingManager/Employees/2
instead of:
http://213.229.125.117/$sitepreview/ase-limited.com/Dev/BuildingManager/Employees/2
Notice how /Dev is missing. That's because in your javascripts you have hardcoded your urls instead of using url helpers to generate them. For example you wrote something like this:
$.ajax({
url: '/BuildingManager/Employees/2',
....
});
which works fine on localhost because you don't have a virtual directory name but doesn't work when you deploy on your server because now the correct path is:
$.ajax({
url: '/Dev/BuildingManager/Employees/2',
....
});
For this reason you should absolutely never hardcode urls like that.
And when I try to POST the form in tries to post to http://213.229.125.117/Dev/BuildingManager/SaveBuilding which seems a very weird url as it is missing the whole beginning. Once again: never hardcode urls. Always use url helpers.
I have a small problem that seems to be big enough to hold me from my work.
As I said in the title, I am leaning Yii and after I developped my project, I realized that I don't have ajax check.
I tried to solve this by setting enableAjaxValidation to true and it didn't worked. I tried to make use of the method performAjaxValidation and, again, it didn't worked. The third way was to copy the content of performAjaxValidation and paste it inside my method (like in documentation and identical with the code generated by Yii.
I checked my js and they are loaded.
What could it be? How can I solve this? The problem is that I need my fields to modify while the user is completing the form.
Thank you!
PS: I checked some topics from stackoverflow but the only one who was related was Yii - Ajax Form with validations
Make sure the from that is being validated has the same ID that is being used in the performAjaxValidation function. For example if your form has the id product-form, the if statement should look like this:if(isset($_POST['ajax']) && $_POST['ajax']==='product-form')
If possible I recommend using Firefox with firebug extension so that you can debug whether the AJAX call is even being made, and what is being returned.
I want to write a script to log in and interact with a web page, and a bit at a loss as to where to start. I can probably figure out the html parsing, but how do I handle the login part? I was planning on using bash, since that is what I know best, but am open to any other suggestions. I'm just looking for some reference materials or links to help me get started. I'm not really sure if the password is then stored in a cookie or whatnot, so how do I assess the situation as well?
Thanks,
Dan
Take a look a cURL, which is generally available in a Linux/Unix environment, and which lets you script a call to a web page, including POST parameters (say a username and password), and lets you manage the cookie store, so that a subsequent call (to get a different page within the site) can use the same cookie (so your login will persist across calls).
I did something like that at work some time ago, I had to login in a page and post the same data over and over...
Take a look at here. I used wget because I did not get it working with curl.
Search this site for screen scraping. It can get hairy since you will need to deal with cookies, javascript and hidden fields (viewstate!). Usually you will need to scrape the login page to get the hidden fields and then post to the login page. Have fun :D