i'm using the framwork yii2 and i have a problem in the contact page when i try to send an email i got this error "yii2 Swift_TransportException Expected response code 250 but got code "550" " even though the configuration of the mailer is correct
'mailer' => [
'class' => 'yii\swiftmailer\Mailer',
'useFileTransport' => false,
'transport' => [
'class' => 'Swift_SmtpTransport',
'host' => 'my host',
'username' => ' my email ',
'password' => 'my password',
'port' => '587',
'encryption' => 'tls',
],
]
-the website is live not in the localhost
-the mailer works fine when i send an email from my email to another but not the opposite
please help me
The essence of the problem is that the mail server returned an error code 550 in response to a request from the swiftmailer library to "send a mail".
Therefore, you should look at the logs of your mail server.
If access to the mail server log is difficult, then pay attention to the connection settings that you specify in the config.
Often, this 550 error occurs due to incorrectly specified encryption / port settings or incorrect configuration smtp-system of your mail server (if you use your own custom configured mail-server).
For testing, try connecting with the same settings via a desktop mail client (like Thunderbird, Outlook, etc) and send testing mail.
For contact forms, the better way to send mail from your own email to your own email (it may even be the same email).
And in addition to this add "return address" - the Reply-To header (exactly the email that the user entered into the contact form).
As a result, you will have a set of headers like this:
From: your#domain.com
To: your#domain.com
Reply-To: client#gmail.com
The security policy of most mail systems prohibits sending letters on behalf of third-party email.
Even if you succeed, then with a very high probability such a mail will be rejected by the receiving party - because the sender's email does not match the sending server (simply put).
Most likely for these reasons, you have this error.
If you are interested, you may enable logging in swiftmailer - perhaps you will see interesting details in the logs:
https://www.yiiframework.com/extension/yiisoft/yii2-swiftmailer/doc/api/2.1/yii-swiftmailer-logger
Related
I have two backend applications which use same database. If a user logs into one application and navigate other application url in another tab it loads inner pages without login to that application. Is this possible to restrict that or is this expected functionality?
Application 1 - www.test.com/app1
Application 2 = www.test.com/app2
I have to set who can access one application and who can access second application. Is it possible to do so? Is it possible to do with RBAC? Currently we implement permission based table set and try to check permission when login and navigating pages whether pages have sufficient privileges to do so.
Thanks
You need to change the name for the session cookie that is generated, my guess is that you are experiencing this because the name for the session cookie in both the apps is the same, and you are using the same browser to verify the App2 when you login to APP1, which forces the browser to read the same cookie for the session and finds you are already logged in.
Change them in the configs for both the applications like below
Application 1
'session' => [
// this is the name of the session cookie used for login on the backend
'name' => 'app1-frontend',
'class' => 'yii\web\DbSession',
'cookieParams' => [
'httpOnly' => true,
],
],
Application 1
'session' => [
// this is the name of the session cookie used for login on the backend
'name' => 'app2-frontend',
'class' => 'yii\web\DbSession',
'cookieParams' => [
'httpOnly' => true,
],
],
if you want separate logins for the frontend and backend you can do the same for the frontend and backend configs too.
I've installed mediawiki on an Amazon ec2 server.
The server has only apache, php, mariadb and mediawiki
I'm using mediawiki 1.35, with the bundled VisualEditor and ParsoidPHP
I can use VisualEditor to edit a new page, but it will not save, and when I edit an existing page, I get the blue progress bar followed by the error:
Error contacting the Parsoid/RESTBase server: (curl error: 28) Timeout was reached
I've tried configuring parsoid using instruction I've found on the web :
$wgVirtualRestConfig['modules']['parsoid'] = [
// URL to the Parsoid instance - use port 8142 if you use the Debian package - the parameter 'URL' was first used but is now deprecated (string)
'url' => 'http://myIpAddress:8000',
// Parsoid "domain" (string, optional) - MediaWiki >= 1.26
'domain' => 'myIpAddress',
// Parsoid "prefix" (string, optional) - deprecated since MediaWiki 1.26, use 'domain'
'prefix' => 'myIpAddress',
// Forward cookies in the case of private wikis (string or false, optional)
'forwardCookies' => true,
// request timeout in seconds (integer or null, optional)
'timeout' => null,
// Parsoid HTTP proxy (string or null, optional)
'HTTPProxy' => null,
// whether to parse URL as if they were meant for RESTBase (boolean or null, optional)
'restbaseCompat' => null,
];
The best effect I get is a 404, or a 400. This configuration is not working.
I haven't made any other changes to the settings.
if I call parsoid directly:
http://MyIpAddress/api.php?action=visualeditor&paction=parse&page=Main_Page
I see the timeout thusly:
{
"error": {
"code": "apierror-visualeditor-docserver-http-error",
"info": "Error contacting the Parsoid/RESTBase server: (curl error: 28) Timeout was reached",
"*": "See http://MyIpAddress/api.php for API usage. Subscribe to the mediawiki-api-announce mailing list at <https://lists.wikimedia.org/mailman/listinfo/mediawiki-api-announce> for notice of API deprecations and breaking changes."
}
}
Based on my testing, it appears that parsoid is using the $wgServer variable to make a local connection to rest.php
Using curl, I'm able to connect to http://localhost/rest.php/v1/page/Main_Page
But, not to http://myipaddress/rest.php/v1/page/Main_Page or http://mydomainname/rest.php/v1/page/Main_Page both of these timeout. The apache server can't connect to itself
So, theoretically, I should be able to set
$wgVirtualRestConfig['modules']['parsoid']['domain']='localhost';
But that results in a 404, instead of a timeout.
In the end, I added my domain name to /etc/hosts and pointed it to 127.0.0.1 and that works fine. It feels like a hack, and I must use a domain name, not just an iP.
We've run into this problem several times.
In one case, it was a matter of access control.
Parsoid makes HTTP requests to the MediaWiki site. We're restricting access to certain actions using the Lockdown extension,
and we had to exempt Parsoid, which can be done in several ways, e.g.:
if (($_SERVER['REMOTE_ADDR'] !== '127.0.0.1') && ($_SERVER['REMOTE_ADDR'] !== $_
SERVER['SERVER_ADDR'])) {
# don't lock down any pages for Parsoid, or the VisualEditor will break on them
wfLoadExtension('Lockdown');
}
I initially created an app and starting developing it using only the data:read scope. I have now realized that I need the data:create scope as well.
Is there something within the app settings that I need to change?
Does the create scope include read permissions and then write scope include create and read - or does that scope have to be sent separately?
If separately, how is that done when the user is granting permission to the app? Is it something like &scope=data:read&scope:create
I don't have to store and then use two tokens, do I?
How is this handled when using curl? Are the read and create scopes sent in an array like so ...
$response = $client->request('POST', 'https://developer.api.autodesk.com/authentication/v1/gettoken', [
'form_params' => [
'grant_type' => 'authorization_code',
'code' => $authCode,
'client_id' => $FusionID,
'client_secret' => $FusionSecret,
'redirect_uri' => 'https://www.example.com/fusionauth',
'scope' => array('data'=>'create', 'data'=>'read')
]
]);
Again, it may be that you only use the scope you need and you have to store separate tokens, but that doesn't seem right to me.
Is there something within the app settings that I need to change?
If by app settings you meant in the Forge App portal then you only have to specify there the APIs (make sure they are checked on the page) that your app will need to access.
Does the create scope include read permissions and then write scope include create and read - or does that scope have to be sent separately?
No doesn't work like that - you will need to specify each one of them explicitly.
If separately, how is that done when the user is granting permission to the app? Is it something like &scope=data:read&scope:create
Nope the scope variables are delimited by space. For 3-legged oauth you will need to obtain an authorization code through redirecting the user to authenticate at our login portal before you go for access tokens and there you will need to indicate the redirection address and scope combinations in the request URL (don't forget to URLEncode them) such as https://developer.api.autodesk.com/authentication/v1/authorize?response_type=code&client_id=obQDn8P0GanGFQha4ngKKVWcxwyvFAGE&redirect_uri=http%3A%2F%2Fsampleapp.com%2Foauth%2Fcallback%3Ffoo%3Dbar&scope=data:read. See here for details.
And check out our official PHP client SDK - should save you tons of effort and time.
I don't have to store and then use two tokens, do I?
If your token carries sufficient permissions (say data:read and data:create) then no.
How is this handled when using curl? Are the read and create scopes sent in an array like so ...
For cURL see samples here: https://forge.autodesk.com/en/docs/oauth/v2/tutorials/get-2-legged-token/
And like we went through above you will need to specify the scopes when redirecting the user to authenticate so in your request to fetch the eventual access token you'd should something like:
$response = $client->request('POST', 'https://developer.api.autodesk.com/authentication/v1/gettoken', [
'form_params' => [
'grant_type' => 'authorization_code',
'code' => $authCode,
'client_id' => $FusionID,
'client_secret' => $FusionSecret,
'redirect_uri' => 'https://www.example.com/fusionauth'
)
]
]);
Enviroment: IIS 8 behind a Cloudflare Proxy
I'm using Yii2 Access Rules behind Cloudflare to restrict actions by IPS, which works fine when not using a Cloudflare proxy. I'd like to proxy through Cloudflare so I can use some of their features but if I do at present Yii see Cloudflare server addresses not the clients IP.
I believe the Yii2 Acces Rule restricting actions by IPS uses the REMOTE_ADDR header, I would like to use the header HTTP_CF_CONNECTING_IP. Any ideas on how best to achieve this?
Am I best achieving this through Yii2 with an override or IIS itself or...?
You need to configure Request::$trustedHosts to IPs range of your proxy and Request::$ipHeaders to list of allowed headers which will be used to obtain use IP. For example in your web config:
'request' => [
// ...
'trustedHosts' => [
'10.0.2.0/24' => [
'HTTP_CF_CONNECTING_IP',
],
],
'ipHeaders' => [
'HTTP_CF_CONNECTING_IP',
],
],
Make sure that you configure IPs in trustedHosts correctly - all hosts which matches specified range will be able to fake user IP by sending HTTP_CF_CONNECTING_IP header.
You can read more about trusted proxies in guide.
Just to confirm I have this working using the following in my web.config
'request' => [
// ...
'trustedHosts' => [
'103.21.244.0/22' => [
'cf-connecting-ip',
],
// ...
],
'ipHeaders' => [
'cf-connecting-ip',
],
],
Cloudflare IPs can be found here: Cloudflare IP Range
Error:
Unable to verify your data submission error
Create one public function in Yii2. But, submit data not accept in this method,
see following error images. Why is this happen?
If you create the form manually (i.e. without using the yii form methods), you should add an input field like this:
<input type="hidden" name="_csrf" value="<?=Yii::$app->request->getCsrfToken()?>" />
source: http://zero-exception.blogspot.com/2015/01/yii2-using-csrf-token.html
Add this in the head section of your layout: <?= Html::csrfMetaTags() ?>
There are various solutions to this problem, I guess understanding why it happened in the first place helps solve the problem.
It is either caused by an invalid csrf token,user generated csrf token, expired csrf token, all these 'csrf' issues will arise when you have custom forms built not using the 'ActiveForm' class.
If CSRF is not the issue,
Its other cause occurs when you try to upload multiple files and the web server cannot handle the load. Some properties to check on this to make sure you are on the right track is to claculate the size of files one is attempting to upload and check the web server's post_max_size and upload_max_filesize
If you are running linux, check php.ini file for inputs like these:
; Maximum size of POST data that PHP will accept.
; Its value may be 0 to disable the limit. It is ignored if POST data reading
; is disabled through enable_post_data_reading.
; http://php.net/post-max-size
post_max_size = 8M
; Whether to allow HTTP file uploads.
; http://php.net/file-uploads
file_uploads = On
; Maximum allowed size for uploaded files.
; http://php.net/upload-max-filesize
upload_max_filesize = 2M
Based on your calculations, adjust the above php.ini parameters to suite your needs, then test.
I had a similar problem and I solved it.
To permanently disable csrf validation in whole application add below code in your configurations.
$config = [
'components' => [
'request' => [
'enableCsrfValidation' => false,
],
],
];
Also sometimes you can get this error using Yii 2.0 due to the post_max_size, upload_max_filesize, max_input_time also too maybe the webserver can be trimming the post so verify on nginx - client_max_body_size or in apache - LimitRequestBody
Disable for only specific action
/**
* #inheritdoc
*/
public function beforeAction($action)
{
if ($action->id == 'my-action') {
$this->enableCsrfValidation = false;
}
return parent::beforeAction($action);
}
Check whether there is hidden input in your form with CSRF token. It should look like
<input type="hidden" name="_csrf" value="ZEZ6Y0xrY3ARGS42fTwhMQgkDgF6BCEGEx4SMXQMBR4CPy0iPCIwNQ==">
A long story has been discussed here github
So disabling csrf somehow unsure for ajax request. I have met this issue many times.
So remember to send _csrf key when you send data by POST via ajax.
Updated from yii 2.0.12 to 2.0.30
Have this bad request error 400
Got the Html::csrfMetaTags() in the header layout.
using activeform,therefore is not caused by missing csrf token in the
form. And checked already through inspect.
I solved this through adding below code to the backend/config/main.php.
'components' => [
'request' => [
'csrfParam' => '_backend_csrf',
],
Is it a correct way or will it cause security issue?
A little differentiation to dchakarov's answer due to Yii2 tiers using instead of
_csrf variable _frontendCsrf.
<input type="hidden" name="_frontendCsrf" value="<?=Yii::$app->request->getCsrfToken()?>" />
This is a second time this question did not help me even though I posted a comment previously, so I have to post a response.
$csrf = \yii::$app->request->csrfParam;
$token = \yii::$app->request->csrfToken;
//start from
echo Html::hiddenInput($csrf,$token);
//end from
Switched website form https to http and had the issue come up. Updated the request config by commenting the below lines to resolve.
'request' => [
'cookieValidationKey' => 'SomeRandomKeyValidationString',
//'csrfCookie' => [
// 'httpOnly' => true,
// 'secure' => true,
//],
Add this in your controller:
public $enableCsrfValidation = false;