Hi @fcarll ,
Pls i need an assistance, As ad admin, when i want to modify a user, it throws a 403 forbidden error. How can i stop this?
What do i have to do? i use ver 19.02
I would suggest that you check both ownership and permissions of the files.
I hope that helps.
Frank
Ok Thanks, the permissions 755 and 644 for the folder and files are okay, maybe its a code restriction…
please post the exact error message, the apache logs and the dolibarr.log file from the Documents folder.
Did you edit that file?
Tested some changes on that lines of user, self, write to user , self write and reverted when it didnt work
Thank you for this awesome reply, however, i dont have the slightest idea about the above, is it that something is wrong with the code or the file itself is corrupt or …
I was counting wrongly, grep -c counts lines, not occurences. If I count with tr -c -d ‘(’ | wc -c then I get an equal amount of parentases
JonSweet16:user jonbendtsen$ cat card.php | tr -c -d '{' | wc -c
493
JonSweet16:user jonbendtsen$ cat card.php | tr -c -d '}' | wc -c
493
The line that is displayed in the error log is not necessarily the source of the error, but gives an indication of where to look.
To narrow down the error further, you can perhaps also display the content of the variables $user->id, $id and $canreaduser.
Or remove lines 129 and 131, if accessforbidden() is then executed then something is wrong with the If query.
print "<br>ID: ".$id;
print "<br>User-ID: ".$user->id;
print "<br>can: ".$canreaduser;
exit;
if ($user->id != $id && !$canreaduser) {
accessforbidden();
}
This shows the content of the 3 variables and then stops execution.
Thank you so much for this guide.
Just to be sure i understand, The code to display the …, am i to add it to the query? if yes, where should i add it? and if no, how would i test…
To remove lines 129 - 131 you mean i should comment on the lines so that it wont execute right?
Add the 4 lines as shown (in your example: after line 127)
Then try again to modify the user.
Now you see 3 lines similar to
Not remove 129 - 131, only comment line 129 AND 131. It looks like this:
Then try again to modify the user.
Now you see hopefully the page “Access denied …”, if so then the problem is related to the if-query (PHP bug?)
Thank you Sir, trying it right away.
Would revert with feedback
Ok, using the display, this is what i got
ID: 3
User-ID: 1
can: 1
But what does it mean? Does that mean because the values for the admin number and user number are not same, that is why access is denied?
I want to comment the lines 129 and 131 to see the result
The image is the feedback after commenting on lines 129 and 131
What could now be the issue to be resolved?
Ok, accessforbidden() is working as expected.
You can now try the following code instead of line 129
if ($user->id != $id && $canreaduser != 1) {
If this throws the error again then change line 129 to this:
if (($user->id != $id) && ($canreaduser != 1)) {
BTW: which PHP-version do you use?
Php ver 8.1 is what the server runs
Besides the 2 code lines are same, is there not an omission somewhere? you missed something?
Ok will try it and see
Thank you so much,
Yes, the 2 lines are identical, but may be interpreted/executed differently by PHP
Ok, based on the parenthesis right? I just saw the diff in parenthesis.
let me try now and would revert
Thank you
Access denied continued using the code, However, i now used
if (($user->id != $id) && (!$canreaduser = 1)) {
accessforbidden();
}
And i could edit the user, Howbeit, if i try to edit the signature part, it throws the Access denied 403 forbidden error
