We Keep Coding

CakePHP 3 Post Method '403 Forbidden'

I came across a really strange issue today and couldn't find any solution. I am using CakePHP 3 along with MySQL and Apache. Everything was working perfect until today but when I tried to edit one of the forum post, it didn't save and I got 403 Forbidden response. Following is the response I got:
Request URL:https://www.example.com/users/edit/2
Request Method: POST
Status Code:403 Forbidden
The strange part is that it is working fine when I try to create new forum post as well as for GET request when I load the edit page. But when I modify the fields and try to save, I get stuck with 403 Forbidden.
I tried every mean in last 6 hours but could not find any solution. I checked database user for edit permissions, tried to remove .htaccess file completely, cleared browser cache and cookies but nothing helped at all. The other websites in hosting account are working fine and there is no issue with them.
The only notable thing I did today is I initialized GIT repository and uploaded project files on git. I would really appreciate your help in solving this issue. It is really a constant headache not to be able to modify anything.

Just for the future reference, I solved this issue by explicitly defining request type to POST in $this->Form->create function.
It was one of the strangest error I came across while using CakePHP 3! Not sure why default PUT method was not working. It was converting to GET.

Huh, finally i found the culprit itself by my own.. This is the explanation that i got, here you go:
If you are using csrf for security in cakephp you might found that every damn POST,GET,PUT in ajax or form will be filtered by cakephp and if not auth found cakephp will respond with 403 HTTP Status..
That mean you have to put some csrf token that like a bearer token on every your request so the cakephp recognize that request. See, if you are using AJAX call so you have to put csrf token manually explained here : https://book.cakephp.org/3.0/en/controllers/components/csrf.html
If you created a form manually you have to put the token inside the form itself, if you creating a form using cakephp helper you will see that cakephp generated some hidden parameter like this one
<form enctype="multipart/form-data" method="post" accept-charset="utf-8" action="/SFW/CMS/event/comment">
<div style="display:none;">
<input type="hidden" name="_method" value="POST">
<input type="hidden" name="_csrfToken" autocomplete="off" value="2a39630d2a1c20d43xxxx">
</div>
......
So the option is only put those hidden field on your manually generated form.
Good luck

If you don't care about security you can disable the middleware check in your controller:
public function beforeFilter(Event $event)
{
$this->getEventManager()->off($this->Csrf);
}
Reference:
https://book.cakephp.org/3/en/controllers/components/csrf.html

Magento Valid url redirects to 404

I am facing some issue with product url. Url seems to look fine but some times it's get redirected to 404 and the url-key value in address bar is getting replaced with 'null'.
I am not able to find any clue why its happening.
Can you any body suggest proper method to debug such issue?
Thank You.

This is basically URL rewrite issue. Check if the url rewrites are enabled: System> Configuration > Web > Search Engine Optimization > Use Web Server Rewrites.
And if the problem still persists do check your exception.log file

I'm aware this is a 2 year old post, but I had this issue today...
all previously valid product urls got a 404 error
after a lot of failed attempts of figuring out what was going on I asked someone to take a look, to which they replied: Err, What's wrong? ...
apparently everything was fine, but my own user's session/cookie had bad data, or something.
Removing the bad cookie fixed this.
I have no idea specifically what it was because I did not think of keeping a backup of the bad cookie/session data to investigate.
But I'm guessing it had something to do with my session's customer id or user id
Next exception 'Zend_Db_Statement_Exception' with message 'SQLSTATE[HY000]:
General error: 1032 Can't find record in 'report_viewed_product_index',
query was: INSERT INTO `report_viewed_product_index`

The matched route does not include a 'controller' route value on AJAX call (Sitecore)

I am having an issue with an AJAX call to a controller action, using POST and having 3 parameters sent and return JSON data. Whenever I try to call that on the developement server, it throws a 500 (Internal Server Error), with the description
The matched route does not include a 'controller' route value, which is required.
The main problem with this, is that on my local machine it actually works. The way the websites I am working on are structured, is without any App_Start files (so no custom route config).
Is there anyone who could help me with this? I am struggling with this for days now. Please keep in mind that I am trying this in Sitecore 7.1 (MVC) and IIS 7.5.
Thank you.
Best regards,
Marius.

The absence of App_Start files in your solution doesn't guarantee there aren't any custom routes. Check Global.asax in your local environment vs your development server as this is another area where custom routes may have been set up.

Add role dynamically without db while logging in in Yii2

How can I add a role to a user at the time of log in based on his username. I think it can be accomplished using yii\rbac\PhpManager . I tried something like
$r=new PhpManager;
$r->init();
$r->createRole("1","admin");
$r->save();
$r->assign('1','admin');
where 1 is user id and admin is the intended role.
But I am getting an error
Unknown Method – yii\base\UnknownMethodException
Calling unknown method: yii\rbac\PhpManager::save()
What is the error here? or which is the right method?

Do not call ->save, there is no save function for PHP manager, if you remove $r->save(); it should all work ok I believe.
http://www.yiiframework.com/doc-2.0/yii-rbac-phpmanager.html
In the official docs they never call save() on anything
http://www.yiiframework.com/doc-2.0/guide-security-authorization.html

sfErrorNotifierPlugin: The "default" context does not exist

I have installed the sfErrorNotifierPlugin. When both options reportErrors/reportPHPErrors reportPHPWarnings/reportWarnings are set to false, everything is ok. But I want to catch PHP exceptions and warnings to receive E-mails, but then all my tasks fail, including clear-cache. After few hours of tests I'm 100% sure that the problem is with set_exception_handler/set_error_handler.
There's a similar question:
sfErrorNotifierPlugin on symfony task but the author there is having problems with a custom task. In my case, even built-in tasks fail.

I haven't used sfErrorNotifierPlugin, but I have run into 'The “default” context does not exist.' messages before. It happens when a call is made to sfContext::getInstance() and the context simply doesn't exist. I've had this happen a lot from within custom tasks. One solution is to add sfContext::createInstance() before the call to sfContext::getInstance(). This will ensure that a context exists.
There's an interesting blog post on 'Why sfContext::getInstance() is bad' that goes into more detail - http://webmozarts.com/2009/07/01/why-sfcontextgetinstance-is-bad/

Well, the problem could not be solved this way, unfortunately. Using sfErrorNotifierPlugin, I have enabled reporting PHP warning/errors (apart from symfony exceptions) and this resulted in huge problems, e.g. built-in tasks such as clear-cache failed.
The solution I chose was to load the plugin only in non-task mode (project configuration class):
public function setup()
{
$this->enableAllPluginsExcept('sfPropelPlugin');
if ('cli' == php_sapi_name()) $this->disablePlugins('sfErrorNotifierPlugin');
}
WHen a task is executed, everything works normally. When an app is fired from the browser, emails are sent when exception/warning occurs (maybe someone will find it useful).

Arms has explained the problem correctly. But usually context does not exist when executing backend/maintenance tasks on the console. And it is easier if you handle the condition yourself.
Check, if you really need the context?
If you do, what exactly do you need it for?
Sometimes you only want a user to populate a created_by field. You can work around by hard-coding a user ID.
If you want to do something more integrated, create a page (which will have a context) and trigger the task from there.

you can test the existance of the instance before doing something inside a class. Like:
if(sfContext::hasInstance())
$this->microsite_id = sfContext::getInstance()->getUser()->getAttribute('active_microsite');

I've been experiencing the same problem using the plugin sfErrorNotifier.
In my specific case, I noticed a warning was raised:
Warning: ob_start(): function '' not found or invalid function name in /var/www/ncsoft_qa/lib/vendor/symfony/lib/config/sfApplicationConfiguration.class.php on line 155
Notice: ob_start(): failed to create buffer in /var/www/ncsoft_qa/lib/vendor/symfony/lib/config/sfApplicationConfiguration.class.php on line 155
So, checking the file: sfApplicationConfiguration.class.php class, line 155,
I've replaced the ' ' for a null, then the warnings disappears, and also the error!
ob_start(sfConfig::get('sf_compressed') ? 'ob_gzhandler' : ''); bad
ob_start(sfConfig::get('sf_compressed') ? 'ob_gzhandler' : null); good