|
Author
|
Message
|
|
Romeo Antony
|
Sunday 28 November 2010 10:17:47 pm
Hi, I have found a thread regarding this here. http://share.ez.no/forums/setup-design/content-action-is-not-currently-available#comment26501 But in my case(about poll class), information is collected from the form.No issues with information collection. Situation is say , when hit enter button in address bar when the address is http://www.myserver/ez/index.php/my_siteaccess/content/action getting error mesage as Object is unavailableThe object you requested is not currently available. Possible reasons for this are:
- The id or name of the object was misspelled, try changing it.
- The object is no longer available on the site.
I have double checked the code.Seems to be Ok Following is the code.
<div class="content-action">
<input type="submit" class="defaultbutton" name="ActionCollectInformation" value="{"Send form"|i18n("design/ezwebin/full/feedback_form")}" />
<input type="hidden" name="ContentNodeID" value="{$contactus.node_id}" />
<input type="hidden" name="ContentObjectID" value="{$contactus.object.id}" />
<input type="hidden" name="ViewMode" value="full" />
</div> Anyone knows something wrong with this .
|
|
Nicolas Pastorino
|
Monday 29 November 2010 1:57:12 am
Hi Romeo,
Anything relevant in the DebugOutput ?
Is this a custom template, or a stock one ? Cheeers,
--
Nicolas Pastorino
Director Community - eZ
Member of the Community Project Board
eZ Publish Community on twitter: http://twitter.com/ezcommunity
t : http://twitter.com/jeanvoye
G+ : http://plus.tl/jeanvoye
|
|
Romeo Antony
|
Monday 29 November 2010 2:26:08 am
Hi Nicolas, this is not a custom template. It is the deafult poll template in the ezwebin. DebugOutput shows nothing. In 2008 a developer had this same issue. http://share.ez.no/forums/setup-design/content-action-is-not-currently-available#comment26501 But for me , It is bit different . Information is collectied but getting error when manually typefollowing address in address bar or when I hit enter . http://www.myserver/ez/index.php/my_siteaccess/content/action But the above link is working fine If I refresh the page( I have disabled View cache ). Only issue comes when I hit enter in address bar or manually type the address . I can't get nothing wrong from error log or debug. Any help will be really appreciable
|
|
André R.
|
Monday 29 November 2010 3:50:33 am
content/action only takes actions by POST requests (with the action as a post param), when you hit enter on the url your performing a GET request without any parameters, hence why it does not understand what your trying to do.
eZ Online Editor 5: http://projects.ez.no/ezoe || eZJSCore (Ajax): http://projects.ez.no/ezjscore || eZ Publish EE http://ez.no/eZPublish/eZ-Publish-Enterprise-Subscription
@: http://twitter.com/andrerom
|
|
Romeo Antony
|
Monday 29 November 2010 4:30:57 am
Thanks a lot Andre I got you. Is it possible to change the method to GET from POST in the submitting form so that , content/action work. But If I do this the values passed by get will be seen through the URL. Do I need to dive into php If I do change the post to get. Since some values from template are taken by $http->hasPostVariable(it takes values by method post. If I use Get anything should I chnage with PHP). Can you give me an idea to to get rid of this . Or don't I worry about it?
|
|
Gaetano Giunta
|
Monday 29 November 2010 4:46:47 am
Allowing GET requests to perform some action, such as content/action does by definition, is a serious no-no in the world of http. 1. it is much easier to attack via XSS: just set an image on site X with an href pointing to content/action/yyy on site Y, and if a user with a valid session on site Y browses to site X, he's immediately 0wned 2. web crawlers always follow links through get, so you would end up with google triggering actions on your site So if you want a single-click experience use a form that looks like a link to post to the appropriate url. A bit of css and js will be enough to do the trick. PS: I think you might have written something in reverse in your post, Romeo: it is GET variables, not POSt ones that are both visible in the browser's url bar and logged in weberver access logs too
Principal Consultant International Business
Member of the Community Project Board
|
|
Romeo Antony
|
Monday 29 November 2010 5:23:58 am
Gaetano, thank you for the important notes. So from your and Andre's post I can conclude following as In ezp, every content/action takes actions by POST requests. In such cases , templates that recieve values from params array will be from post method. Also it is not at all safe to use the Get method , as it may vulnerable to attacks. But frankly I didn't get a way to make it work. sometimes user may hit the address bar, so they get the error message as object is not availabe. Any work around like , store the values from post in the templates so that , values will be retrieved from that variables and not from post variables the case where the post values not availabe.
|
|
André R.
|
Monday 29 November 2010 9:47:00 am
ahh, ok. Your "issue" is that you end up on content/action url when you post Information collection stuff, so if some user for some reason edits url and just hits enter he will get that error. Optimally content/action should always have redirect to a result page instead of generating the result inline. But as far as I can see in collectinformation.php, it only does this if users does not have acces or something does not validate, for the access part you could just add some logic where you ouput the button and not show it if user does not have access instead of letting them try and fail in the first place, but it's maybe the validation that is causing this "issue" for you?
eZ Online Editor 5: http://projects.ez.no/ezoe || eZJSCore (Ajax): http://projects.ez.no/ezjscore || eZ Publish EE http://ez.no/eZPublish/eZ-Publish-Enterprise-Subscription
@: http://twitter.com/andrerom
|
|
Romeo Antony
|
Monday 29 November 2010 11:15:43 pm
"in collectinformation.php, it only does this if users does not have acces or something does not validate, for the access part you could just add some logic where you ouput the button and not show it if user does not have access instead of letting them try and fail in the first place, but it's maybe the validation that is causing this "issue" for you" Idea I got it. I will try ..Thanks a lot Andre,
|