禁止使用JQuery

禁止使用JQuery

关注
发信
关注(28)粉丝(399)

禁止使用JQuery AJAX 403

本文介绍了禁止使用JQuery AJAX 403的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我已经创建了一个使用PHP和JQuery的登录页面.问题是,每次JQuery $ .ajax尝试访问user_login.php文件时,我都会遇到 403 Forbidden 错误.

I've created a log-in page that uses PHP and JQuery. The problem is, I'm encountering a 403 Forbidden error every time JQuery $.ajax tries to access the user_login.php file.

以下是我当前的代码:

user_index.php 

<!DOCTYPE html>
<html>
<head>
    <title>Foot Steps Philippines -- User Log-in</title>
    <link rel="icon" type="image/png" href="images/favicon.png">
    <link rel="stylesheet" type="text/css" href="styles/user_login_style.css">
    <script type="text/javascript" src="jquery.js"></script>
    <script type="text/javascript" src="user_login.js"></script>
</head>

<body>
<div class="login_wrapper">
    <h3>Log-In</h3>
    <form id="fsp_login_form" name="fsp_login_form" action="user_login.php" method="POST">
        <input type="email" name="fsp_email" id="fsp_email" placeholder="E-mail Address" />
        <input type="password" name="fsp_password" id="fsp_password" placeholder="Password" />
        <input type="submit" name="fsp_login" id="fsp_login" value="Log-In" />
        <h4 id="login_message"></h4>
    </form>
    <div class="links">
        <a href="">Forgot Password?</a>
    </div>
    <div class="note">*To register, please e-mail us at [email protected]</div>
    <div class="footer"></div>
    <div class="logo"></div>
</div>
</body>
</html>

user_login.js 

$(document).ready(function(){
    $("#fsp_login_form").submit(function(){
            $('#login_message').html("Please wait...");
            var action = $('#fsp_login_form').attr('action');
            var form_data = {
                fsp_email: $('#fsp_email').val(),
                fsp_password: $('#fsp_password').val(),
                is_ajax: 1
            };

            $.ajax({
                type: "POST",
                url: action,
                data: form_data,
                dataType: "text",
                contentType: "application/x-www-form-urlencoded; charset=UTF-8",
                success: function(response) {
                    if ( response == 'success' ) {
                        $('#login_message').html("Login successful!");
                        setTimeout(function(){ window.location.href = 'user_cpanel.php'; }, 2000);
                    }
                    else {
                        $('#login_message').html("Login failed!");
                    }
                },
                error: function(err) {
                    //$('#login_message').html(err.responseText);
                    alert(err.responseText);
                }
            });
        return false;
    });
});

user_login.php 

<?php
ob_start();
session_start();
include 'conn.php';

$is_ajax = $_REQUEST['is_ajax'];
$res = "";

if ( isset($is_ajax) && $is_ajax ) {
    $email_address = $_REQUEST['fsp_email'];
    $password = $_REQUEST['fsp_password'];

    // Protect to MySQL injection.
    $email_address = stripslashes($email_address);
    $email_address = mysqli_real_escape_string($conn, $email_address);
    $password = stripslashes($password);
    $password = mysqli_real_escape_string($conn, $password);

    $sql = "SELECT * FROM user_info WHERE email_address = '".$email_address."' AND password = '".$password."'";

    if ( $result = mysqli_query($conn, $sql) ) {
        if ( mysqli_num_rows($result) > 0 ) {
            $client_id = 0;
            $premium = 0;
            while ( $row = mysqli_fetch_array($result) ) {
                $client_id = $row['id'];
                $premium = $row['premium_member'];
            }
            $_SESSION['client'] = $client_id;
            $_SESSION['premium'] = $premium;
            $res = "success";
        }
        else {
            $res = "failed";
        }
        mysqli_free_result($result);
    }
    else {
        $res = "failed";
    }
}
else {
    $res = "failed";
}
mysqli_close($conn);
echo $res;
?>

conn.php *注意:我故意使用了本地主机数据库配置.当我将其上传到网络托管服务器时,我已经对其进行了调整.

conn.php*Note: I intentionally used my localhost database config. I already adjusted it when I uploaded it to my web hosting server.

<?php
$conn = mysqli_connect("localhost", "root", "", "footstep_db");

// Check connection.
if ( mysqli_connect_errno() ) {
    echo "Failed to connect to MySQL: ".mysqli_connect_error();
}
else {
    // nothing to do.
}
?>

所有文件都在同一目录中,并且都具有0644权限.您对如何解决错误有任何想法吗?顺便说一句,当我在本地主机上运行时,我的登录页面运行正常.但是使用我的网络托管服务器上传时,它不起作用.我无权访问我的虚拟主机的PHP配置文件和Apache配置文件,请尽量不要提供需要重新配置PHP和Apache的解决方案.

All files are at the same directory and all have 0644 permission.Do you have any idea guys on how to fix the error?By the way, my log-in page is functioning perfectly when running in localhost. But its not working when uploaded with my web hosting server.I don't have access to my web hosting's PHP config file and Apache config file so as much as possible, please try not to give a solution that requires reconfiguration of PHP and Apache.

谢谢:-)

推荐答案

问题已解决!我只是要求我的虚拟主机为我的域创建一个例外.我认为他们服务器的mod_security设置会导致403禁止错误.

Problem solved!I just ask my web hosting to create an exception for my domain.I think the mod_security setting of their server causes the 403 Forbidden Error.

这篇关于禁止使用JQuery AJAX 403的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

07-24 11:31
Powered by LMLPHP ©2024 禁止使用JQuery 0.037280