I know you can send a header that tells the browser this page is forbidden like:
header('HTTP/1.0 403 Forbidden');
But how can I also display the custom error page that has been created on the server for this type of error?
By default, just sending the header displays a white page, but I remember a while back reading that you can use the customer error page. Does anybody know?
Include the custom error page after changing the header.
Just echo your content after sending the header.
header('HTTP/1.0 403 Forbidden');
echo 'You are forbidden!';
http_response_code was introduced in PHP 5.4 and made the things a lot easier!
http_response_code(403);
die('Forbidden');
For this you must first say for the browser that the user receive an error 403. For this you can use this code:
header("HTTP/1.1 403 Forbidden" );
Then, the script send "error, error, error, error, error.......", so you must stop it. You can use
exit;
With this two lines the server send an error and stop the script.
Don't forget : that emulate the error, but you must set it in a .htaccess file, with
ErrorDocument 403 /error403.php
Seen a lot of the answers, but the correct one is to provide the full options for the header function call as per the php manual
void header ( string $string [, bool $replace = true [, int $http_response_code ]] )
If you invoke with
header('HTTP/1.0 403 Forbidden', true, 403);
the normal behavior of HTTP 403 as configured with Apache or any other server would follow.
.htaccess
ErrorDocument 403 /403.html
I have read all the answers here and none of them was complete answer for my situation (which is exactly the same in this question) so here is how I gathered some parts of the suggested answers and come up with the exact solution:
- Land on your server's real 403 page. (Go to a forbidden URL on your server, or go to any 403 page you like)
- Right-click and select 'view source'. Select all the source and save it to file on your domain like: http://domain.com/403.html
- now go to your real forbidden page (or a forbidden situation in some part of your php) example: http://domain.com/members/this_is_forbidden.php
echo this code below before any HTML output or header! (even a whitespace will cause PHP to send HTML/TEXT HTTP Header and it won't work) The code below should be your first line!
<?php header('HTTP/1.0 403 Forbidden'); $contents = file_get_contents('/home/your_account/public_html/domain.com/403.html', TRUE); exit($contents);
Now you have the exact solution. I checked and verified with CPANEL Latest Visitors and it is registered as exact 403 event.
To minimize the duty of the server make it simple:
.htaccess
ErrorDocument 403 "Forbidden"
PHP
header('HTTP/1.0 403 Forbidden');
die(); // or your message: die('Forbidden');
Use ModRewrite:
RewriteRule ^403.html$ - [F]
Just make sure you create a blank document called "403.html" in your www root or you'll get a 404 error instead of 403.
I understand you have a scenario with ErrorDocument already defined within your apache conf or .htaccess and want to make those pages appear when manually sending a 4xx status code via php.
Unfortunately this is not possible with common methods because php sends header directly to user's browser (not to Apache web server) whereas ErrorDocument is a display handler for http status generated from Apache.
Refresh the page after sending the 403:
<?php
header('HTTP/1.0 403 Forbidden');
?>
<html><head>
<meta http-equiv="refresh" content="0;URL=http://my.error.page">
</head><body></body></html>
Alex, you can redirect to your custom page using a header like this:
header('Location: my403page.html');
And ensure that on your 403 page you include your original header code:
header('HTTP/1.0 403 Forbidden');
Alternatively, you could just create the header and include the 403 page like this:
header('HTTP/1.0 403 Forbidden');
include('my403page.html');
来源:https://stackoverflow.com/questions/5061675/emulate-a-403-error-page