I am using a CMS. when I put HTML code it works, when I put simple PHP code like "hello World" or when I try to connect to a database it works. But when I put more complex PHP code like " phpinfo()" or any SQL statements like "$reponse = $bdd->query('SELECT * FROM insription_14juin');" it doesn't work. The message that I get using fiddler is
403 Forbidden
You don't have permission to access /admin/modules/gestion_articles/updateContenu.php
on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
After multiple tests I think that a JavaScript file is trying to load information into a PHP file and apparently when the PHP code is complex the JavaScript file doesn't have permission to access the PHP file.
This is the JavaScript file:
$(function() {
$('#savemodif').click(function() {
$('#formModif').append('<img src="images/ajax-loader.gif" alt="Enregistrement en cours..." id="loadingImg" />');
var contenu ="";
var type = $('#type').val();
if(type == '0')
{
tinyMCE.triggerSave();
contenu = $('#contenu').val();
contenu = encodeURIComponent(contenu);
}
else
{
contenu = $('#contenu').val();
contenu = encodeURIComponent(contenu);
}
/* Récupération d'infos nécessaires à la mise à jour */
var id = $('#idcontenu').val();
var oldtitre = $('#oldtitre').val();
/* Récupération des mises à jours */
var titre = $('#titre').val();
var date = $('#date').val();
var publie = 0; if($('#publie').is(':checked')) publie = 1;
var diapo = '0'; if($('#diapo').is(':checked')) diapo = '1';
var prive = 0; if($('#prive').is(':checked')) prive = 1;
$.ajax({
url: 'modules/gestion_articles/updateContenu_test.php',
type: 'POST',
data: 'id='+encodeURIComponent(id)
+ '&oldtitre='+encodeURIComponent(oldtitre)
+ '&titre='+encodeURIComponent(titre)
+ '&date='+encodeURIComponent(date)
+ '&contenu='+contenu
+ '&publie='+encodeURIComponent(publie)
+ '&diapo='+encodeURIComponent(diapo)
+ '&prive='+encodeURIComponent(prive),
success: function(result) {
$('#result').html(result);
$('#loadingImg').fadeOut(1000, function() {
$(this).remove();
});
}
});
$('#oldtitre').attr('value',titre);
return false;
});
});
I already tried changing permissions in cpanel, it doesn't work. I renamed every htaccess file, it doesnt work.
Any help would be appreciated.
Your issue is permissions on your file system. I'm assuming that you are not the server admin.
Send your server admin an email saying what is happening and he'll take a look into it and change permissions around.
This is a shot in the dark, but I've encountered a similar message on my cms whenever there is a placeholder file missing from the server folder of the page. Like a index.php or something.
Another thing might be to add
async: false,
to your ajax call to make sure it is running with the appropriate data.
The problem is finally solved, it was about modsecurity. The technician told me that there was a restriction in modsecurity. If you are having the same problem check this with your provider.
The code I posted above works perfectly now.