CakePHP:Ajax发布请求引发403错误(权限全部授予) [英] CakePHP: Ajax post request throws 403 error (permissions all granted)

查看:239
本文介绍了CakePHP:Ajax发布请求引发403错误(权限全部授予)的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

Cakephp项目中的Ajax请求抛出403错误,为本地(XAMPP)中的项目目录授予了所有权限

Ajax request in Cakephp project throws 403 error, all permissions are granted for the project directory in localhost (XAMPP)

无法加载资源:服务器的响应状态为403 (禁止)/project/users/saveOrder:1

Failed to load resource: the server responded with a status of 403 (Forbidden) /project/users/saveOrder:1

var request = function() {
            $.ajax({
                beforeSend: function() {
                    messageBox.text('Updating the sort order in the database.');
                },
                complete: function() {
                    messageBox.text('Database has been updated.');
                },
            data: 'sort_order=' + sortInput[0].value + '&ajax=' + submit[0].checked + '&do_submit=1&byajax=1', //need [0]?
            type: 'post',
            url: '/project/users/saveOrder',

        });
        };

代码 UsersController: 

class UsersController extends AppController
{
    public function beforeFilter() {
        parent::beforeFilter();
        $this->Auth->allow('saveOrder');
    }

    public function view($id = null)
    {
        $user = $this->Users->get($id, [
            'contain' => ['Departments', 'Appointments', 'Roles', 'LeaveRequests', 'TasksTo', 'TasksFrom', 'TasksBy']
        ]); 
        $this->set('user', $user);
    }

    public function change(){
    }
    public function saveOrder() {
        $this->layout = null; 
        if ($this->request->is('post'))
        {

            $ids = explode(",", $this->request->data['priority']); 
            //print_r($ids); die;
            /* run the update query for each id */
            foreach ($ids as $index => $id) {
                if (isset($id) && !empty($id)) {
                    $query = 'UPDATE tasks SET priority = ' . ($index + 1) . ' WHERE id = ' . $id;
                    //$result = mysql_query($query) or die(mysql_error() . ': ' . $query);
                    $data['id'] = $id;
                    $data['priority'] = $index + 1;
                    $this->Task->id = $data['id'];
                    if($this->Task->saveField('priority', $data['priority'])) {
                         echo $query.'<br/>';
                    }else {
                          die('Error, insert query failed');
                    } 
                }
            }
            die;
        }
     }

}

推荐答案

您正面临此问题,因为您不允许ajax url

You are facing this issue because you haven't allow the function you are using in ajax url

在控制器的beforeFilter()中允许该功能,然后在内部传递功能名称

Allow that function in your beforeFilter() in your controller and then pass function name inside

$this->Auth->allow()

示例

public function beforeFilter() {
        parent::beforeFilter();
        $this->Auth->allow('saveOrder');
 }

有关$this->Auth->allow() 

$this->Auth->allow(); //Allow all action define in your controller

$this->Auth->allow('editUser'); //Allow only editUser 

$this->Auth->allow(['editUser', 'AddUser']); //Allow only editUser and AddUser

对于cakephp 3

For cakephp 3

  1. 将此内容放置在控制器use Cake\Event\Event;
    2. 的顶部

  2. 现在将其添加到过滤器功能

  1. Put this in top of your controller use Cake\Event\Event;

  2. Now add this to filter function

公共函数beforeFilter(Event $ event) {

public function beforeFilter(Event $event) {

parent::beforeFilter($event);
$this->Auth->allow('saveOrder');

}

这篇关于CakePHP:Ajax发布请求引发403错误(权限全部授予)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
PHP最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆