Problem was i wanted to access my codeigniter app from other devices on the wifi network, i noticed all css breaks; so i edited my base_url to
config.php
$config['base_url']= "http://".gethostbyname($_SERVER['SERVER_NAME'])."/ehit";
and my .htaccess is as
DirectoryIndex index.php
RewriteEngine on
RewriteCond $1 !^(index\.php|assets|img|css|js|robots\.txt|favicon\.ico)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ ./index.php/$1 [L,QSA]
now everything loads correctly when i open my app from other devices like
http://192.168.1.61/ehit except for fontsAwsome.
html source
<!-- Core CSS -->
<link rel="stylesheet" type="text/css" href="http://127.0.0.1/ehit/assets/css/bootstrap.css">
<link rel="stylesheet" type="text/css" href="http://127.0.0.1/ehit/assets/css/googlefont.css">
<link rel="stylesheet" type="text/css" href="http://127.0.0.1/ehit/assets/css/font-awesome.css">
all loads correctly by fontfamily is not defined. inside font-awesome.css i find
#font-face {
font-family: 'FontAwesome';
src: url('../fonts/fontawesome-webfont.eot');
src: url('../fonts/fontawesome-webfont.eot') format('embedded-opentype'), url('../fonts/fontawesome-webfont.woff') format('woff'), url('../fonts/fontawesome-webfont.ttf') format('truetype'), url('../fonts/fontawesome-webfont.svg') format('svg');
font-weight: normal;
font-style: normal;
}
so may be the url('.. is the problem; is there a way to fix it ?
i debug and find that the url is correctly still font-family FontAwesome is not there
curl 'http://127.0.0.1/ehit/assets/fonts/fontawesome-webfont.woff' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' -H 'Accept-Encoding: gzip, deflate' -H 'Accept-Language: en-US,en;q=0.5' -H 'Cache-Control: max-age=0' -H 'Connection: keep-alive' -H 'Host: 127.0.0.1' -H 'Origin: http://localhost' -H 'Referer: http://127.0.0.1/ehit/assets/css/font-awesome.css' -H 'User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:28.0) Gecko/20100101 Firefox/28.0'
so where is the problem ?
EDIT
Problem solved when i changed $config to
//$config['base_url']= "http://".gethostbyname($_SERVER['SERVER_NAME'])."/ehit"; //old
$root=(isset($_SERVER['HTTPS']) ? "https://" : "http://").$_SERVER['HTTP_HOST'];
$root.= str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['SCRIPT_NAME']);
$config['base_url'] = $root;
so what was the problem ?
To application/config/config.php Change localhost to your IP Address
Visit all site on your IP Address
Example:
$config['base_url'] = 'http://192.168.xx.xx/codeigniter-project/';
PC 192.168.xx.xx/codeigniter-project<br>
Mobile 192.168.xx.xx/codeigniter-project<br>
tablet 192.168.xx.xx/codeigniter-project<br>
Good luck.
You need to allow .woff files in .htaccess:
RewriteCond $1 !^(index\.php|assets|woff|eot|img|css|js|robots\.txt|favicon\.ico)
This could be a possible cause.
Related
I am trying to use my Gmail account to send emails in a Laravel 9 project. I have a custom domain and have setup a custom gmail workspace account. Using that account, I generated an app password, and used that to send emails on my local serve, and it works. Here are the settings in the .env for the mail server:
MAIL_MAILER=smtp
MAIL_HOST=smtp.gmail.com
MAIL_PORT=465
MAIL_USERNAME=example#silkweb.ca
MAIL_PASSWORD="***********"
MAIL_ENCRYPTION=ssl
MAIL_FROM_ADDRESS=example#silkweb.ca
MAIL_REPLYTO_ADDRESS=xyz#gmail.com
MAIL_FROM_NAME="${APP_NAME}"
I am able to send emails using the above configuration on the local server on my Mac. However, when I use exactly same settings on the production server (my domain silkweb.ca), I get an error message:
Symfony\Component\Mailer\Exception\TransportException PHP 8.0.26. 9.24.0
Expected response code "250/251/252" but got code "550", with message "550 5.7.1 Relaying denied".
Here are the details about the request sent by PHP
curl "https://silkweb.ca/password/email" \
-X POST \
-H 'cookie: XSRF-
TOKEN=eyJpdiI6IlNKbExabVZGZFdVMFRDL3ZBdFZnWUE9......' \
-H 'accept-language: en-US,en;q=0.9' \
-H 'accept-encoding: gzip, deflate, br' \
-H 'referer: https://silkweb.ca/password/reset' \
-H 'sec-fetch-dest: document' \
-H 'sec-fetch-user: ?1' \
-H 'sec-fetch-mode: navigate' \
-H 'sec-fetch-site: same-origin' \
-H 'accept: text/html,application/xhtml+xml,application/xml;q=0.9,.....\
-H 'user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36' \
-H 'content-type: application/x-www-form-urlencoded' \
-H 'origin: https://silkweb.ca' \
-H 'upgrade-insecure-requests: 1' \
-H 'sec-ch-ua-platform: "macOS"' \
-H 'sec-ch-ua-mobile: ?0' \
-H 'sec-ch-ua: "Not?A_Brand";v="8", "Chromium";v="108", "Google Chrome";v="108"' \
-H 'cache-control: max-age=0' \
-H 'content-length: 74' \
-H 'connection: keep-alive' \
-H 'host: silkweb.ca' \
-F '_token=WQnq9y7JklvDiU5hqORymYvorevDOgOReoPPB2uc' -F 'email=rktaxali#gmail.com'
Any suggestion, how to fix this issue?
I am not sure what was the issue, but smtp.gmail.com has started working. I cleared cache and congig cache (php artisan cache:clear and php artisan congig:clear). I also changed the encryption to tls and port to 587. I also removed quotes (") from the passwrod. Then, first I used my personal gmail account with smtp.gmail.com and it worked. Later I tried my custom gmail account (from my domain silkweb.ca) and that I also worked. The following settings are working for me:
# Google SMTP configuration
MAIL_MAILER=smtp
MAIL_HOST=smtp.gmail.com
MAIL_ENCRYPTION=tls
MAIL_PORT=587
MAIL_USERNAME=example#silkweb.ca
MAIL_PASSWORD=**********
MAIL_FROM_ADDRESS=example#silkweb.ca
When I was searching for answers for my issue on the net, I came across an article Google: https://support.google.com/a/answer/176600?hl=en
As per this article, the recommended method to send emails from a gmail account is smtp-relay.gmail.com.
This question already has answers here:
Apache 2.4 + PHP-FPM and Authorization headers
(4 answers)
Closed 11 months ago.
I have defined the rule into .htaccess like this:
# Ensure Authorization header is passed along
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
And I have passed "Authorization Bearer Token" into HTTP request like below:
:authority: demo.com
:method: POST
:path: /data-list
:scheme: https
accept: application/json, text/plain, */*
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9,hi-IN;q=0.8,hi;q=0.7,gu-IN;q=0.6,gu;q=0.5
authorization: Bearer IiwiZGVzdCI6Imh0dHBzOlwvXC93Yy1rdW5hbGcubXlzaG9waWZ5LmNvbSIsImF1ZCI6ImI4NzMyYTZkNjcyMGFiNjNlN2IwZTRkNDExNzVhNTZlIiwic3ViIjoiNDQ1MDIxMjI2MjkiLCJleHAiOjE2NDg0NDEwODYsIm5iZiI6MTY0ODQ0MTAyNiwiaWF0IjoxNjQ4NDQxMDI2LCJqdGkiOiIyMjZiM2
content-length: 22
content-type: application/x-www-form-urlencoded
dnt: 1
origin: https://demo.com
referer: https://demo.com/data?hmac=18dc09298e1bd09d95c02ada793f57140804bf42380be07&host=d2Mta3VuYWxnLm15c2lmeS5jb20vYWRtaW4&locale=en-IN&session=55bfc54daf6945e3ca50b2da7f5830d88dcfcb8f4d103b97518166d9fd7b00c9&shop=demo.com×tamp=1648441021
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="99", "Google Chrome";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-origin
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.82 Safari/537.36
But, using PHP variable $_SERVER or any other PHP variables I am not getting "authorization: Bearer Token".
I am using a digital ocean server for this.
I have tried PHP variables like $_SERVER or any other PHP variables that get "authorization: Bearer Token".
I am getting blank array response for printing $_SERVER['HTTP_AUTHORIZATION'].
Is there any information that I am missing?
Works fine for me with this code in .htaccess :
RewriteCond %{HTTP:Authorization} .+
RewriteRule ^ - [E=HTTP_AUTHORIZATION:%0]
I tried to reproduce the issue but didn't get any error. Try to make the same request.
HTTP-Request
POST /data-list
Host: demo.com
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9XXXXXXX
In PHP
function getToken(){
$bearerToken = null;
if (isset($_SERVER['AUTHORIZATION'])) {
$bearerToken = $_SERVER['AUTHORIZATION'];
}elseif (isset($_SERVER['HTTP_AUTHORIZATION'])) { //Nginx or fast CGI
$bearerToken = $_SERVER["HTTP_AUTHORIZATION"];
}elseif (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) {
$bearerToken = $_SERVER["REDIRECT_HTTP_AUTHORIZATION"];
}
return $bearerToken;
}
echo getToken(); // This returned a Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9XXXXXXX
After 450 hours of work my web-app doesn't work anymore, and I don't know how to solve it. Let me explain the situation:
I was inserting my website into the server and playing around with htaccess.
I have changed many times the htaccess playing around with symlinks, rewriting url to go to redirect to https, etc.
My website was logging in the user and now not anymore working for this function anymore:
The Apache log is this one repeating the same name of the folder:
[13/Oct/2017:21:44:59 +0200] "GET
/developement/index.php/fold/fold/fold/fold/fold/fold/loginform.inc.php
HTTP/1.1" 302 9358 "-" "Mozilla/5.0 (Windows NT 6.2; WOW64;
Trident/7.0; rv:11.0) like Gecko"
I have just changed the httpd.conf in Xampp inserting: AllowOverride All
after I discovered it was on none
I don't really know what's going on:
I think I have a problem in my php where I write the header:
header("Location: ../invoice.php"); if the user is logging in.
I have read that you can't have any echo in the php file before header if not is not working
Further info:
I have included a core.php file in all the files so I define some functionlike the below:
<?
ob_start();//to use the header func to redirect to index.php after log in
session_name("test");//to hide session id def cookie name PHPSESSID=
session_start();//to save the global var user id after log in
//Errors On/off
if(strstr($_SERVER['SERVER_NAME'],"localhost")) {
// Make sure we show all errors
ini_set('display_errors', 1);
ini_set('log_errors', 1);
error_reporting(E_ALL);
ini_set('html_errors', 'On');
ini_set('display_startup_errors','On');
} else {
//IMP: DA VERIFICARE SE FUNZIONA NEL SERVER!!!!!!!!!!!!!!!!!!!
// We also want to suppress all warnings
ini_set('display_errors', 0);
error_reporting(0);
ini_set('html_errors', 'Off');
ini_set('display_startup_errors','Off');
}
//this to define links in my HTML (in header(Location: MIO./myfolder ) it does not work !!!)
//define http root
define("MINE",($_SERVER["SERVER_NAME"] == "localhost")? "http://localhost/developement/" : "https://www.mywebsite.it/");
//echo MINE;
?>
Content of .htaccess:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^mywebsite.it [OR]
RewriteCond %{HTTP_HOST} ^www.mywebsite.it [NC]
RewriteRule ^(.*)$ https://www.mywebsite.it/$1 [L,R=301]
Xampp Apache Access Log:
::1 - - [15/Oct/2017:00:47:10 +0200] "POST /developement/elgin/loginform.inc.php HTTP/1.1" 200 10325 "http://localhost/developement/elgin/loginform.inc.php" "Mozilla/5.0 (Windows NT 6.2; WOW64; Trident/7.0; rv:11.0) like Gecko"
Xampp Apache Error Log:
Failed loading C:\xampp\php\ext\php_xdebug-2.5.4-7.1-vc14.dll
6] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
Just some php files had the BOM.
Saved to BOM and re-saved to UTF-8 w no BOM
We have a proxy PHP script and access POST form data via
$postPayload = file_get_contents('php://input');
which usually works.
(The reason to not use $_POST is that we sometimes have duplicate form input names which PHP suppresses)
Now we have a form with
<form name="form" method="post"
action="/script.php" enctype="multipart/form-data">
In this case file_get_contents('php://input'); returns an empty string.
It can be reproduced with
curl 'http://localhost/script.php' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8' -H 'Referer: http://localhost/script.php?commandCode=NO_AUTH_REGIST_OPEN_USER&lang=de' -H 'Origin: http://misumi-europe.com.orange.imi.local' -H 'Upgrade-Insecure-Requests: 1' -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36' -H 'Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryk3IVneARm3kqJ0fs' --data-binary $'------WebKitFormBoundaryk3IVneARm3kqJ0fs\r\nContent-Disposition: form-data; name="commandCode"\r\n\r\nNO_AUTH_NEXT\r\n------WebKitFormBoundaryk3IVneARm3kqJ0fs\r\n' --compressed
How can I access the RAW POST data in this case?
I was able to fix it like this in .htaccess
<Files "script.php">
# make post data always available in the proxy
php_flag enable_post_data_reading 0
</Files>
multipart/form-data is not send to php://input, only to $_POST.
In php.ini you can set enable-post-data-reading=off to change this but $_POST will always be empty. See http://php.net/manual/en/ini.core.php#ini.enable-post-data-reading
You might set it for single pages using .htaccess
php_value enable-post-data-reading off
There is also an apache hack:
<Location "/backend/XXX.php">
SetEnvIf Content-Type ^(multipart/form-data)(.*) NEW_CONTENT_TYPE=multipart/form-data-alternate$2 OLD_CONTENT_TYPE=$1$2
RequestHeader set Content-Type %{NEW_CONTENT_TYPE}e env=NEW_CONTENT_TYPE
</Location>
See also: Get raw post data
Where is the debug information "Current character set: utf8" comming from?
It appears always first when I echoing something within my index.php (slim) script.
I really become desperate trying to suppress this.
May it caused by the .htaccess rules?
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ %{ENV:BASE}index.php [QSA,L]
Here my setting:
Server: Apache/2.4.9 (Win32) OpenSSL/1.0.1g PHP/5.5.11
X-Powered-By: PHP/5.5.11
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36
The relevant section of the index.php:
function echoRespnse($status_code, $response) {
$app = \Slim\Slim::getInstance();
// Http response code
$app->status($status_code);
$app->config('debug', false);
// setting response content type to json
$app->contentType('application/json');
//$app->response()->header('Content-Type', 'application/json');
echo json_encode($response);
}
Any help would be greatly appreciated