|
New Coder
Join Date: Oct 2008
Posts: 26
Thanks: 7
Thanked 0 Times in 0 Posts
|
Problems with mod_security on submiting complicated form
Hello there,
I'm having some troubles with mod_security on my host. I have a form with many <select> options, text input fields and a textarea in which i use tinymce for editing text. When i submit the form, i get a 403 Forbidden error:
Code:
Forbidden
You don't have permission to access /admin/edit.php on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
I have made another copy of the form without editor where i get the same error if in the textarea is found any html syntax (even <br> or <b> or <strong>). If i submit the form withour any html syntax, everything works greate, without problems.
I contacted support of the host provider to deactivate mod_security for /admin/ folder but they don't want to do it, but they made some exception rules in mod_security configuration, exceptions that works for a while but now is not working anymore and i'm having this problem again. Maybe they have made a reste of rules or anything like this.
Now, i'm wondering if exist any way to pass mod_security. Can anyone help me on this, please?
Text area with editor looks like this:
Code:
<!-- Load TinyMCE -->
<script type="text/javascript" src="includes/tiny_mce/jquery.tinymce.js"></script>
<script type="text/javascript">
$().ready(function() {
$('textarea.tinymce').tinymce({
// Location of TinyMCE script
script_url : 'includes/tiny_mce/tiny_mce.js',
// Keto dy rrjeshta jane per te rregulluar url e image
remove_script_host : false,
convert_urls : false,
// General options
theme : "advanced",
plugins : "autolink,lists,pagebreak,style,layer,table,save,advhr,advimage,advlink,emotions,iespell,inlinepopups,insertdatetime,preview,media,searchreplace,print,contextmenu,paste,directionality,fullscreen,noneditable,visualchars,nonbreaking,xhtmlxtras,template,advlist",
// Theme options
theme_advanced_buttons1 : "save,newdocument,|,bold,italic,underline,strikethrough,|,justifyleft,justifycenter,justifyright,justifyfull,styleselect,formatselect,fontselect,fontsizeselect",
theme_advanced_buttons2 : "cut,copy,paste,pastetext,pasteword,|,search,replace,|,bullist,numlist,|,outdent,indent,blockquote,|,undo,redo,|,link,unlink,anchor,image,cleanup,help,code,|,insertdate,inserttime,preview,|,forecolor,backcolor",
theme_advanced_buttons3 : "tablecontrols,|,hr,removeformat,visualaid,|,sub,sup,|,charmap,emotions,iespell,media,advhr,|,print,|,ltr,rtl,|,fullscreen",
theme_advanced_buttons4 : "insertlayer,moveforward,movebackward,absolute,|,styleprops,|,cite,abbr,acronym,del,ins,attribs,|,visualchars,nonbreaking,template,pagebreak",
theme_advanced_toolbar_location : "top",
theme_advanced_toolbar_align : "left",
theme_advanced_statusbar_location : "bottom",
theme_advanced_resizing : true,
// Example content CSS (should be your site CSS)
content_css : "css/content.css",
// Drop lists for link/image/media/template dialogs
template_external_list_url : "lists/template_list.js",
external_link_list_url : "lists/link_list.js",
external_image_list_url : "lists/image_list.js",
media_external_list_url : "lists/media_list.js",
// Replace values for the template plugin
template_replace_values : {
username : "Some User",
staffid : "991234"
}
});
});
</script>
<!-- /TinyMCE -->
<textarea id="ofertaInfo" name="ofertaInfo" style="width:80%; height:auto; min-height:300px;" /><?=stripslashes($ofertaInfo);?></textarea>
Thank you in advance!
|
|
Before you post, read our: 
