WebsiteBaker Support (2.13.x) > Modules
Guestbook problem after upgrade
sternchen8875:
--- Quote from: RonR on March 01, 2025, 12:58:59 PM ---But I still get 403's , I managed to reproduce the 403 error also on jacobi22 guestbook
Firefox devconsole: SyntaxError: Element.querySelect orAll: '*,:x' is not a valid selector
I am starting to think this is a jquery script error which stops even before a destination is handled.
Element.querySelect orAll is aslo one line below the WB_REL in the script.
--- End quote ---
sorry, but i cannot confirm this.... :|
the only way, to get the 403 is a click on a link on the browser history after i send the form to the guestbook
the problem for the missing WB_REL (and maybe some more issues in JS) is the missing definition of some variables for Javascript like this
<script>
/* inserted by register_frontend_m odfile 2.13.6.237 */
var WB_URL = 'https://www.xxxxxxx.com';
var WB_REL = '';
var THEME_URL = 'https://www.xxxxxxx.com/templates/DefaultTheme';
var TEMPLATE_DIR = 'https://www.xxxxxxx.com/templates/DefaultTemplate';
var TEMPLATE = 'DefaultTemplate';
var EDITOR = 'ckeditor';
var LANGUAGE = 'DE';
</script>
you dont need register_frontend_m odfiles('js'); in your frontend-template, but if you need one of the here defines JS-Variables, you've to defined somewhere before you use it
on my test-page, i use the DefaultTemplate in original, WB_URL is defined there
RonR:
i just deleted the WB_REL from the captcha-script, website is on the root anyway. Registered_frontend _modfiles enabled. No more errors on devconsole.
I now still have 403's to /pages/, when hitting the submit button, but they have become fewer in number now:
it used to be 1 on +/- 8 entries
now 1 on +/- 20 entries.
Not fixed but better.
sternchen8875:
So, the 403 error comes from the file gstbk_save.php line 90 or line 152
respectively this code
--- Code: ---header('Location: '.WB_URL.PAGES_DIRECTORY);
--- End code ---
replace with
--- Code: ---header('Location: '.WB_URL.'/index.php');
--- End code ---
in the area around line 90 in gstbk_save, the content sent by the form is checked in the basic values, i.e. section ID, page ID, the "name" field and the text field for content as well as a honypot field to see whether it has been sent. If there are problems here, cancellation and redirection to the start page
in the area around line 150, the fields sent by POST and the session data are checked, including a time check.
If the time between opening the form and submitting it is less than 10 seconds, the script suspects a bot and redirects to the start page (or in the old script still to the pages directory, which then generates the 403
Now I can imagine that it could be sent faster than 10 seconds, especially in testing, but only you can know that.
3 values are set in the mod_captcha database table, but these cannot be changed in the WB admin area using the form (AdminTools -> CaptchaControl).
'asp_session_min_age'=>'20', // use in News-module for comments
'asp_view_min_age'=>'10', // use in guestbook, gstbk_save.php
'asp_input_min_age'=>'5', // use in News in News-module for comments
You could try to set a different, shorter value in the database, e.g. 5 or in the file gstbk_save.php in line 142 this line here
--- Quote ---(!isset($_SESSION['comes_from_view_gb_ time']) OR $_SESSION['comes_from_view_gb_ time'] > $t-ASP_VIEW_MIN_AGE) OR // user is too fast (10sec)
--- End quote ---
replace with
--- Quote ---(!isset($_SESSION['comes_from_view_gb_ time']) OR $_SESSION['comes_from_view_gb_ time'] > $t-ASP_INPUT_MIN_AGE) OR // user is too fast (5 Sec)
--- End quote ---
RonR:
Solved! I am happy! Thanks for your help!
I was not aware there was a timer active for the ASP, that explains when testing I get 403's, because quickly using autofill.
You are a hero! Keep up the good work!
Greetz, Ron.
sternchen8875:
Honestly now or are you just fed up ;-)
Tell me, which timer setting did you use? I'll incorporate that into a new version
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version