CakePHP:Ajax发布请求引发403错误(权限全部授予) [英] CakePHP: Ajax post request throws 403 error (permissions all granted)
问题描述
Cakephp项目中的Ajax请求抛出403错误,为本地(XAMPP)中的项目目录授予了所有权限
Ajax request in Cakephp project throws 403 error, all permissions are granted for the project directory in localhost (XAMPP)
无法加载资源:服务器的响应状态为403 (禁止)/project/users/saveOrder:1
Failed to load resource: the server responded with a status of 403 (Forbidden) /project/users/saveOrder:1
var request = function() {
$.ajax({
beforeSend: function() {
messageBox.text('Updating the sort order in the database.');
},
complete: function() {
messageBox.text('Database has been updated.');
},
data: 'sort_order=' + sortInput[0].value + '&ajax=' + submit[0].checked + '&do_submit=1&byajax=1', //need [0]?
type: 'post',
url: '/project/users/saveOrder',
});
};
代码 UsersController:
class UsersController extends AppController
{
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow('saveOrder');
}
public function view($id = null)
{
$user = $this->Users->get($id, [
'contain' => ['Departments', 'Appointments', 'Roles', 'LeaveRequests', 'TasksTo', 'TasksFrom', 'TasksBy']
]);
$this->set('user', $user);
}
public function change(){
}
public function saveOrder() {
$this->layout = null;
if ($this->request->is('post'))
{
$ids = explode(",", $this->request->data['priority']);
//print_r($ids); die;
/* run the update query for each id */
foreach ($ids as $index => $id) {
if (isset($id) && !empty($id)) {
$query = 'UPDATE tasks SET priority = ' . ($index + 1) . ' WHERE id = ' . $id;
//$result = mysql_query($query) or die(mysql_error() . ': ' . $query);
$data['id'] = $id;
$data['priority'] = $index + 1;
$this->Task->id = $data['id'];
if($this->Task->saveField('priority', $data['priority'])) {
echo $query.'<br/>';
}else {
die('Error, insert query failed');
}
}
}
die;
}
}
}
推荐答案
您正面临此问题,因为您不允许ajax url
You are facing this issue because you haven't allow the function you are using in ajax url
在控制器的beforeFilter()
中允许该功能,然后在内部传递功能名称
Allow that function in your beforeFilter()
in your controller and then pass function name inside
$this->Auth->allow()
示例
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow('saveOrder');
}
有关$this->Auth->allow()
$this->Auth->allow(); //Allow all action define in your controller
$this->Auth->allow('editUser'); //Allow only editUser
$this->Auth->allow(['editUser', 'AddUser']); //Allow only editUser and AddUser
对于cakephp 3
For cakephp 3
- 将此内容放置在控制器
use Cake\Event\Event;
的顶部
-
现在将其添加到过滤器功能
- Put this in top of your controller
use Cake\Event\Event;
Now add this to filter function
公共函数beforeFilter(Event $ event) {
public function beforeFilter(Event $event) {
parent::beforeFilter($event);
$this->Auth->allow('saveOrder');
}
这篇关于CakePHP:Ajax发布请求引发403错误(权限全部授予)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!