Yii Framework Forum: CFileBrowser - bad request code 400 - Yii Framework Forum

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

CFileBrowser - bad request code 400 Rate Topic: -----

#1 User is offline   dojoh 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 2
  • Joined: 10-November 10

Posted 14 February 2011 - 06:57 AM

hi everybody,

i've experienced some problems trying to use the FileBrowser Widget (i'm not allowed to link it... first post).
i've included the code to one of my views:

<?php $this->widget('application.extensions.cfilebrowser.CFileBrowserWidget',array(
                'script'=>array('object/filebrowser'),
                'root'=>'/',
                'folderEvent'=>'click',
                'expandSpeed'=>1000,
                'collapseSpeed'=>1000,
                'multiFolder'=>true,
                'loadMessage'=>'File Browser Is Loading...hang on a sec',
                'callbackFunction'=>'alert("I selected " + f)'
)); ?>	

in the ObjectController i added the following:
	public function actionFileBrowser()
	{
		$root = '/';
		
		$_POST['dir'] = urldecode($_POST['dir']);

		if( file_exists($root . $_POST['dir']) ) {
			$files = scandir($root . $_POST['dir']);
			natcasesort($files);
			if( count($files) > 2 ) { /* The 2 accounts for . and .. */
				echo "<ul class=\"jqueryFileTree\" style=\"display: none;\">";
				// All dirs
				foreach( $files as $file ) {
					if( file_exists($root . $_POST['dir'] . $file) && $file != '.' && $file != '..' && is_dir($root . $_POST['dir'] . $file) ) {
						echo "<li class=\"directory collapsed\"><a href=\"#\" rel=\"" . htmlentities($_POST['dir'] . $file) . "/\">" . htmlentities($file) . "</a></li>";
					}
				}
				// All files
				foreach( $files as $file ) {
					if( file_exists($root . $_POST['dir'] . $file) && $file != '.' && $file != '..' && !is_dir($root . $_POST['dir'] . $file) ) {
						$ext = preg_replace('/^.*\./', '', $file);
						echo "<li class=\"file ext_$ext\"><a href=\"#\" rel=\"" . htmlentities($_POST['dir'] . $file) . "\">" . htmlentities($file) . "</a></li>";
					}
				}
				echo "</ul>";	
			}
		}
	}


But i don't see i thing if i try to run the widget. (well if i look at the sourcecode the scripts are included,the <div id="filebrowser"></div> is included etcpp.)
i've traced the problem down by looking at the apache accesslog file:

Quote

127.0.0.1 - dojoh [14/Feb/2011:12:00:12 +0100] "POST /yii2/3ddb/object/filebrowser HTTP/1.1" 400 37 "URL again can't post it as this is my first post..." "Mozilla/5.0 (Windows; U; Windows NT 6.1; de; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13"


i've tried localhost/yii2/3ddb/object/filebrowser (well it returns a blank page as there is no post data set...)

i'm running windows 7 with xampp (version 1.7.3, Apache 2.2.14, PHP 5.3.1) and i'm using mod_rewrite:
.htaccess
Options +FollowSymLinks
IndexIgnore */*
RewriteEngine on

# if a directory or a file exists, use it directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

# otherwise forward it to index.php
RewriteRule . index.php

wich works fine...

so by now i don't know what else to try. do you have any suggestions?


thanks a lot.
Ole
0

#2 User is offline   dojoh 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 2
  • Joined: 10-November 10

Posted 16 February 2011 - 06:30 AM

hi,

just found the problem:

i enabled the XSS protection
config file:

'request'=>array(
           'enableCsrfValidation'=>true,
),


just removed it and it works perfectly.
as i don't have any experiance with cross site scripting i was woundering if its possible to create some kind of exception? or how to aproach this.
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users