Comments (11)
In back office I had a similiar behavior when I approved a comment (the previous comments tests were done with the admin logged user, so no approvation was needed):
www.example.com/qa13/admin/comment/list/www.example.com
No problem on other things (so far tested) like adding Artilcles. It seems circumscribed to just comments.
from cms.
I was unable to reproduce this issue on my server,
but for what you described before I think this is not a QA issue:
Node.Controller/NodeController.php, 197:
$this->redirect($this->referer());
Comment.Controller/ListController.php, 56:
$this->redirect($this->referer());
In both cases the problem is caused by an incorrect return of the referer()
method or an incorrect redirection of redirect()
.
And both are cakephp's methods.
Can you check the value of the $this->referer()
part in order to verify if its returned value is ok ?
RewriteBase
may produce unexpected behaviors under virtualhosts.
Also, is RewriteBase
really necessary? Here you can check the same configuration you described:
http://cms.quickapps.es/gabri/
As you can see, gabri
site is installed just in the root of the cms.quickapps.es
site, and NO RewriteBase
was required for this. I just unzipped the QA package on the gabri
directory and install as normal...
from cms.
Hi, thank you for the time you spent for this
Unfortunately it seems not possible in that hosting use QACMS (and cake) without the RewriteBase condition.
I tried to put it as root of the domain but I had to add "RewriteBase " otherwise nothing worked.
Yes, it seems something related to Cake... I found a few cake tickets regarding CakeRequest and shared host.
I'll try to debug as you mentioned and I'll tell you the result.
If I cannot solve it I'll try to install it with a different version fo cake to see if something change.
I'll let you know
Thank you
from cms.
(sorry, I meant "RewriteBase /")
from cms.
Hi,
I hope that will not be a definitive problem for me...
I've seen the Cake update so this morning I execute a fresh new install from github.
Unfortunately I cannot make it work right.
The output of referer, slug and type (in Node.Controller/NodeController.php, 197)
referer:www.example.com
slug:my-first-article
type:article
I thought that maybe a solution could be a cake installation without mod_rewrite (renaming .htaccess files and uncomment the core config property for do this), but I'm not sure about it and I should add an index.php on the root installation because of the RewriteBase issue...
Unfortunately it's not related to just Comments. I had the same issue on saving:
- qa13/admin/node/types/field_settings/7 (saving a filed of content type)
- qa13/admin/system/themes/settings/Default (saving settings on default theme)
- qa13/admin/node/contents (updading contents, ie: unpublish one content record)
- and probably more
Strange that just some kinds of updates have this awful issue...
I have a good configuration capabilities on this hosting server so I'm making some tests; I tried to use symbolic links on webroot in the way to remove the RewriteBase condition ...it displays the main page but not load css and js (images ok), maybe a symbolic link with changing uncomment the core config property to disallow mod_rewrite... I don't know...
I hope to find a solution
from cms.
So env('HTTP_REFERER')
(or $_SERVER['HTTP_REFERER']) returns www.example.com
?
see: CakeRequest::referer()
from cms.
Interesting...
Both env('HTTP_REFERER') and $_SERVER['HTTP_REFERER'] has the right address!
The problem is with env(HTTP_X_FORWARDED_HOST) that is 'www.example.com'
from cms.
The HTTP_X_FORWARDED_HOST
part was introduced to the referer() method since cakephp 2.0, I dont know why or for what...
So, theoretically...you should remove the following lines to fix all your troubles:
CakeRequest::referer()
(line:376)
$forwarded = env('HTTP_X_FORWARDED_HOST');
if ($forwarded) {
$ref = $forwarded;
}
You could try to reproduce this issue using a normal cakephp installation (without using QACMS), if the problem persists you can open a new ticket here and explain the situation:
http://cakephp.lighthouseapp.com/projects/42648-cakephp/tickets
from cms.
Yes, thank you for your support! :)
Now everything works fine
So, no bug for QACMS (soon my first website with it!)
I'll try to test a cake 2 installation and eventually open a ticket
from cms.
Glad to hear you got it!
btw, I've pushed a few mins ago, an upgrade that will break your previous QA installation:
43e5db5
So dont take your hair off if you get an error 500
after upgrade your website.
(Instruction about how to fix it in the same commit)
p.s: I want to see that website!
from cms.
Perfect!
Sure, I'll let you know when it will be online ...few weeks maybe; and of course it will have a link to the wonderful QACMS! =)
from cms.
Related Issues (20)
- Call to undefined function Search\Engine\Generic\iconv() HOT 3
- Image upload no longer working HOT 4
- Call to function isAdmin() on null in .../cms/config/functions.php on line 410 HOT 5
- facing error 500 while installation HOT 5
- An Internal Error Has Occurred. (Behavior class TreeBehavior could not be found.) HOT 9
- Error 404 - Record not found in table "roles" HOT 5
- Stored Cross-Site Scripting (XSS)
- Fatal error: [BadMethodCallException] Method getParam does not exist HOT 3
- Error 500 after finished installing HOT 12
- Do you need Filipino Translation for your CMS? HOT 4
- CSRF issue that allows attacker to create an account HOT 2
- ListField error! HOT 5
- _urlMatch Region Block module HOT 3
- PDOException Field 'public_profile' doesn't have a default value HOT 8
- EntitiesTerms Table
- The eav_attributes table HOT 1
- CSRF issue that allows attacker to change the administrator password HOT 1
- Command Excution can allowed attacker excute command
- Command Excution can allowed attacker excute remote command HOT 1
- [File upload vulnerability] CVE-2019-19576 is exist in the code!
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cms.