CakePHP:Ajax发布请求引发403错误(权限全部授予)

本文介绍了CakePHP:Ajax发布请求引发403错误(权限全部授予)的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

Cakephp项目中的Ajax请求抛出403错误，为本地(XAMPP)中的项目目录授予了所有权限

Ajax request in Cakephp project throws 403 error, all permissions are granted for the project directory in localhost (XAMPP)

无法加载资源:服务器的响应状态为403 (禁止)/project/users/saveOrder:1

Failed to load resource: the server responded with a status of 403 (Forbidden) /project/users/saveOrder:1

var request = function() { $.ajax({ beforeSend: function() { messageBox.text('Updating the sort order in the database.'); }, complete: function() { messageBox.text('Database has been updated.'); }, data: 'sort_order=' + sortInput[0].value + '&ajax=' + submit[0].checked + '&do_submit=1&byajax=1', //need [0]? type: 'post', url: '/project/users/saveOrder', }); };

代码 UsersController:

class UsersController extends AppController { public function beforeFilter() { parent::beforeFilter(); $this->Auth->allow('saveOrder'); } public function view($id = null) { $user = $this->Users->get($id, [ 'contain' => ['Departments', 'Appointments', 'Roles', 'LeaveRequests', 'TasksTo', 'TasksFrom', 'TasksBy'] ]); $this->set('user', $user); } public function change(){ } public function saveOrder() { $this->layout = null; if ($this->request->is('post')) { $ids = explode(",", $this->request->data['priority']); //print_r($ids); die; /* run the update query for each id */ foreach ($ids as $index => $id) { if (isset($id) && !empty($id)) { $query = 'UPDATE tasks SET priority = ' . ($index + 1) . ' WHERE id = ' . $id; //$result = mysql_query($query) or die(mysql_error() . ': ' . $query); $data['id'] = $id; $data['priority'] = $index + 1; $this->Task->id = $data['id']; if($this->Task->saveField('priority', $data['priority'])) { echo $query.'<br/>'; }else { die('Error, insert query failed'); } } } die; } } }

推荐答案

您正面临此问题，因为您不允许ajax url

You are facing this issue because you haven't allow the function you are using in ajax url

在控制器的beforeFilter()中允许该功能，然后在内部传递功能名称

Allow that function in your beforeFilter() in your controller and then pass function name inside

$this->Auth->allow()

示例

public function beforeFilter() { parent::beforeFilter(); $this->Auth->allow('saveOrder'); }

有关$this->Auth->allow()

$this->Auth->allow(); //Allow all action define in your controller $this->Auth->allow('editUser'); //Allow only editUser $this->Auth->allow(['editUser', 'AddUser']); //Allow only editUser and AddUser

对于cakephp 3

For cakephp 3

将此内容放置在控制器use Cake\Event\Event;

的顶部

现在将其添加到过滤器功能

Put this in top of your controller use Cake\Event\Event;

Now add this to filter function

公共函数beforeFilter(Event $ event) {

public function beforeFilter(Event $event) {

parent::beforeFilter($event); $this->Auth->allow('saveOrder');

}