Skip Navigation

[Resolved] try UPDATE view filters (for parametric search) returns 403 from admin-ajax.php

This support ticket is created 6 years, 4 months ago. There's a good chance that you are reading advice that it now obsolete.

This is the technical support forum for Toolset - a suite of plugins for developing WordPress sites without writing PHP.

Everyone can read this forum, but only Toolset clients can post in it. Toolset support works 6 days per week, 19 hours per day.

Sun Mon Tue Wed Thu Fri Sat
- 7:00 – 14:00 7:00 – 14:00 7:00 – 14:00 7:00 – 14:00 7:00 – 14:00 -
- 15:00 – 16:00 15:00 – 16:00 15:00 – 16:00 15:00 – 16:00 15:00 – 16:00 -

Supporter timezone: Europe/London (GMT+00:00)

Tagged: 

This topic contains 13 replies, has 2 voices.

Last updated by s1 6 years, 4 months ago.

Assigned support staff: Nigel.

Author
Posts
#414881

s1
Screen Shot 2016-07-11 at 00.54.48.png

I am trying to: UPDATE/save view filters content-field (for parametric search)

I visited this URL: /wp-admin/admin.php?page=views-editor&view_id=55

I expected to see: A successful SAVE (green update)

Instead, I got: Nothing and a 403 error (if I look in developer console / Chrome browser), console returns 403 on POST from admin-ajax.php

Detail:
load-scripts.php?c=1&load[]=jquery-core,jquery-migrate,underscore,backbone,jquery-ui-core,jquery-ui…:4 POST hidden link 403 (Forbidden)

#414953

Nigel
Supporter

Languages: English (English ) Spanish (Español )

Timezone: Europe/London (GMT+00:00)

Have you been able to do this previously and this problem has recently appeared?

The 403 error suggests there is a permissions problem, the source of which may be some server security settings or a security-related plugin.

As an initial test I would de-activate all non-Toolset plugins and then try again to update your parametric search.

If that works it would appear to be a conflict with another plugin, and you can narrow down which one by gradually re-activating your other plugins, either singularly or in batches, re-testing each time, until the problem re-appears.

Let me know the results of the tests.

#415040

s1
Screen Shot 2016-07-11 at 13.30.25.png
Screen Shot 2016-07-11 at 13.32.00.png

Hi,

I tried it. I disabled all plugins, cleared my cache, etc.
Still same issue.

It's very strange. If I add something like this (via the "New Filter" button):

[wpml-string context="wpv-views"]Province:[/wpml-string] [wpv-control taxonomy="province" url_param="wpvprovince" type="select"]

Then I get the error (403).

But when I just add some text (eg. "test") then it doesn't give an error. And this is the only tag that also works:

[wpv-filter-search-box]

I added 2 screenshots to make it clear.

#415053

Nigel
Supporter

Languages: English (English ) Spanish (Español )

Timezone: Europe/London (GMT+00:00)

You also tried switching to a default theme, yes?

In which case, if we can rule out conflicts from your plugins or custom theme code then it must be an issue with your server settings.

We don't experience the problem ourselves and it isn't reported by other users.

I would consult with your systems admin or your hosting provider about why admin-ajax.php is being restricted, or you could consider adding a rule to your .htaccess file to allow access.

#415068

s1

I use the Toolset Starter Theme.

It's very strange, why does it work perfectly for certain things (like text and post search box) and not for others? It's the same POST request to the same script so it would strongly surprise me if it has something to do with server settings. Otherwise it should never work I think.

What happens in the background when saving a view filter template-content? Does Toolset "analyse" is somehow? And is there a case where it return a 403?

Thank you for your help!

#415070

Nigel
Supporter

Languages: English (English ) Spanish (Español )

Timezone: Europe/London (GMT+00:00)

I suggest you clone your site to your local computer and test it when running on localhost.

If that is not possible I can request a test installation on one of our servers where you can upload your site to see if the problem can be reproduced.

Given that we have no other reports of this issue I'm almost certain it won't be reproduced on a different server, but if you test locally and find that it is then please let me know so that I can pursue this further.

#415113

s1

My host tells me there are a lot of by the plugin on submission. For protection IP's get blocked after x requests in a short time. Could that be the cause?

Before I start pulling it all local: are there more (sub)requests happening when submitting the field with filter-code in it than just with text?

If yes, then it will probably be the cause. If not, it needs more digging.

Thank you

#415120

s1
Screen Shot 2016-07-11 at 16.25.07.png

I found out that it only happens when I add type="select"

This Works:

[wpv-control taxonomy="province" url_param="wpvprovince" default_label="-- Province --"]

This Gives 403 Error:

[wpv-control taxonomy="province" url_param="wpvprovince" type="select" default_label="-- Province --"]

This Works:

[wpv-control taxonomy="province" url_param="wpvprovince" type="checkbox" default_label="-- Province --"]

So only type="select" gives problem. I also notice a new problem, see screenshot.

I think it is a bug somewhere? Please help.

#415126

Nigel
Supporter

Languages: English (English ) Spanish (Español )

Timezone: Europe/London (GMT+00:00)

I think perhaps I should get a copy of your site so I can do some testing.

Could you please use one of the following two free plugins to create a snapshot of your site and upload it to a public url (such as dropbox or google drive) so that I can reproduce a copy of your site locally to test. You may want to set up a temporary admin account for me before you do which you can later delete.

* Duplicator. You will need to create and upload both the installer and archive packages as shown in the demo video on their plugin page: https://wordpress.org/plugins/duplicator/. You can omit un-required files such as .log, .zip files etc.

* All-in-One WP Migration. This is simple to use and is less prone to fail because of server settings than Duplicator. https://wordpress.org/plugins/all-in-one-wp-migration/. But note I can only import archives up to 512Mb in size. If they are not relevant to your issue, you can omit media files which will reduce your archive size.

I will mark your next reply as private so that you can give me the url to retrieve the backup files.

Can you also confirm the url of where I can see the problem.

Thanks for your patience.

#415154

Nigel
Supporter

Languages: English (English ) Spanish (Español )

Timezone: Europe/London (GMT+00:00)

Sorry, I was unable to use the archive to reproduce your site.

It might be better if I make the archive myself if that's okay.

I will mark your next reply as private so that you can confirm the credentials for your own site.

#415343

Nigel
Supporter

Languages: English (English ) Spanish (Español )

Timezone: Europe/London (GMT+00:00)

I think you need to disable the CLEF plugin so that I can use the credentials you provided to login.

#415355

s1

I just disabled it. Please try again. Thank you!

#415359

s1

I found out something really strange:

Just typing a quote (") + the word SELECT (anywhere) gives the 403 error.
So it's possible the problem has nothing to do with the filters itself.

Even typing it inside a page or post gives the Forbidden error.

Just try typing:

Test "select

In a new page or post.

Any ideas how this can be?

#415376

s1

Hi Nigel,

It seems to be server related (security settings).

I'm will let my server admin fix it.

Thank you in any case!

You may close/remove this topic.