禁止使用JQuery AJAX 403 [英] JQuery AJAX 403 Forbidden
问题描述
我已经创建了一个使用PHP和JQuery的登录页面.问题是,每次JQuery $ .ajax尝试访问user_login.php文件时,我都会遇到 403 Forbidden 错误.
I've created a log-in page that uses PHP and JQuery. The problem is, I'm encountering a 403 Forbidden error every time JQuery $.ajax tries to access the user_login.php file.
以下是我当前的代码:
user_index.php
<!DOCTYPE html>
<html>
<head>
<title>Foot Steps Philippines -- User Log-in</title>
<link rel="icon" type="image/png" href="images/favicon.png">
<link rel="stylesheet" type="text/css" href="styles/user_login_style.css">
<script type="text/javascript" src="jquery.js"></script>
<script type="text/javascript" src="user_login.js"></script>
</head>
<body>
<div class="login_wrapper">
<h3>Log-In</h3>
<form id="fsp_login_form" name="fsp_login_form" action="user_login.php" method="POST">
<input type="email" name="fsp_email" id="fsp_email" placeholder="E-mail Address" />
<input type="password" name="fsp_password" id="fsp_password" placeholder="Password" />
<input type="submit" name="fsp_login" id="fsp_login" value="Log-In" />
<h4 id="login_message"></h4>
</form>
<div class="links">
<a href="">Forgot Password?</a>
</div>
<div class="note">*To register, please e-mail us at contact@footsteps.ph</div>
<div class="footer"></div>
<div class="logo"></div>
</div>
</body>
</html>
user_login.js
$(document).ready(function(){
$("#fsp_login_form").submit(function(){
$('#login_message').html("Please wait...");
var action = $('#fsp_login_form').attr('action');
var form_data = {
fsp_email: $('#fsp_email').val(),
fsp_password: $('#fsp_password').val(),
is_ajax: 1
};
$.ajax({
type: "POST",
url: action,
data: form_data,
dataType: "text",
contentType: "application/x-www-form-urlencoded; charset=UTF-8",
success: function(response) {
if ( response == 'success' ) {
$('#login_message').html("Login successful!");
setTimeout(function(){ window.location.href = 'user_cpanel.php'; }, 2000);
}
else {
$('#login_message').html("Login failed!");
}
},
error: function(err) {
//$('#login_message').html(err.responseText);
alert(err.responseText);
}
});
return false;
});
});
user_login.php
<?php
ob_start();
session_start();
include 'conn.php';
$is_ajax = $_REQUEST['is_ajax'];
$res = "";
if ( isset($is_ajax) && $is_ajax ) {
$email_address = $_REQUEST['fsp_email'];
$password = $_REQUEST['fsp_password'];
// Protect to MySQL injection.
$email_address = stripslashes($email_address);
$email_address = mysqli_real_escape_string($conn, $email_address);
$password = stripslashes($password);
$password = mysqli_real_escape_string($conn, $password);
$sql = "SELECT * FROM user_info WHERE email_address = '".$email_address."' AND password = '".$password."'";
if ( $result = mysqli_query($conn, $sql) ) {
if ( mysqli_num_rows($result) > 0 ) {
$client_id = 0;
$premium = 0;
while ( $row = mysqli_fetch_array($result) ) {
$client_id = $row['id'];
$premium = $row['premium_member'];
}
$_SESSION['client'] = $client_id;
$_SESSION['premium'] = $premium;
$res = "success";
}
else {
$res = "failed";
}
mysqli_free_result($result);
}
else {
$res = "failed";
}
}
else {
$res = "failed";
}
mysqli_close($conn);
echo $res;
?>
conn.php *注意:我故意使用了本地主机数据库配置.当我将其上传到网络托管服务器时,我已经对其进行了调整.
conn.php *Note: I intentionally used my localhost database config. I already adjusted it when I uploaded it to my web hosting server.
<?php
$conn = mysqli_connect("localhost", "root", "", "footstep_db");
// Check connection.
if ( mysqli_connect_errno() ) {
echo "Failed to connect to MySQL: ".mysqli_connect_error();
}
else {
// nothing to do.
}
?>
所有文件都在同一目录中,并且都具有0644权限. 您对如何解决错误有任何想法吗? 顺便说一句,当我在本地主机上运行时,我的登录页面运行正常.但是使用我的网络托管服务器上传时,它不起作用. 我无权访问我的虚拟主机的PHP配置文件和Apache配置文件,请尽量不要提供需要重新配置PHP和Apache的解决方案.
All files are at the same directory and all have 0644 permission. Do you have any idea guys on how to fix the error? By the way, my log-in page is functioning perfectly when running in localhost. But its not working when uploaded with my web hosting server. I don't have access to my web hosting's PHP config file and Apache config file so as much as possible, please try not to give a solution that requires reconfiguration of PHP and Apache.
谢谢:-)
推荐答案
问题已解决! 我只是要求我的虚拟主机为我的域创建一个例外. 我认为他们服务器的mod_security设置会导致403禁止错误.
Problem solved! I just ask my web hosting to create an exception for my domain. I think the mod_security setting of their server causes the 403 Forbidden Error.
这篇关于禁止使用JQuery AJAX 403的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!