1. 技术文章
  2. CakePHP: Ajax post request throws 403 error (permissions all granted)

CakePHP: Ajax post request throws 403 error (permissions all granted)

梦想与她 提交于 2019-12-11 07:20:11

问题


Ajax request in Cakephp project throws 403 error, all permissions are granted for the project directory in localhost (XAMPP)

Failed to load resource: the server responded with a status of 403 (Forbidden) /project/users/saveOrder:1

var request = function() {
            $.ajax({
                beforeSend: function() {
                    messageBox.text('Updating the sort order in the database.');
                },
                complete: function() {
                    messageBox.text('Database has been updated.');
                },
            data: 'sort_order=' + sortInput[0].value + '&ajax=' + submit[0].checked + '&do_submit=1&byajax=1', //need [0]?
            type: 'post',
            url: '/project/users/saveOrder',

        });
        };

CODE UsersController:

class UsersController extends AppController
{
    public function beforeFilter() {
        parent::beforeFilter();
        $this->Auth->allow('saveOrder');
    }

    public function view($id = null)
    {
        $user = $this->Users->get($id, [
            'contain' => ['Departments', 'Appointments', 'Roles', 'LeaveRequests', 'TasksTo', 'TasksFrom', 'TasksBy']
        ]); 
        $this->set('user', $user);
    }

    public function change(){
    }
    public function saveOrder() {
        $this->layout = null; 
        if ($this->request->is('post'))
        {

            $ids = explode(",", $this->request->data['priority']); 
            //print_r($ids); die;
            /* run the update query for each id */
            foreach ($ids as $index => $id) {
                if (isset($id) && !empty($id)) {
                    $query = 'UPDATE tasks SET priority = ' . ($index + 1) . ' WHERE id = ' . $id;
                    //$result = mysql_query($query) or die(mysql_error() . ': ' . $query);
                    $data['id'] = $id;
                    $data['priority'] = $index + 1;
                    $this->Task->id = $data['id'];
                    if($this->Task->saveField('priority', $data['priority'])) {
                         echo $query.'<br/>';
                    }else {
                          die('Error, insert query failed');
                    } 
                }
            }
            die;
        }
     }

}

回答1:


You are facing this issue because you haven't allow the function you are using in ajax url

Allow that function in your beforeFilter() in your controller and then pass function name inside

$this->Auth->allow()

Example 

public function beforeFilter() {
        parent::beforeFilter();
        $this->Auth->allow('saveOrder');
 }

For more idea on $this->Auth->allow()

$this->Auth->allow(); //Allow all action define in your controller

$this->Auth->allow('editUser'); //Allow only editUser 

$this->Auth->allow(['editUser', 'AddUser']); //Allow only editUser and AddUser

For cakephp 3

  1. Put this in top of your controller use Cake\Event\Event;

  2. Now add this to filter function

    public function beforeFilter(Event $event) {

    parent::beforeFilter($event);
$this->Auth->allow('saveOrder');

    }



来源:https://stackoverflow.com/questions/54005621/cakephp-ajax-post-request-throws-403-error-permissions-all-granted

标签
php
jquery
ajax
cakephp
http-status-code-403
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!