1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 6:02 pm May 1, 2026

Forum Moderators: coopster

Message Too Old, No Replies

post form returns " Access forbidden!"

         

cubes

9:31 pm on May 14, 2008 (gmt 0)

10+ Year Member



hello peeps. First time poster here and somewhat of a php noob but I' hoping somebody can help.

Basically I have a page which retrieves data from my database and each row populates a form with the values, this bit works. However if I change one of the values in the form and hit update to insert the updated values back to the database, the page refreshes and the following error message is displayed

Access forbidden!

You don't have permission to access the requested object. It is either read-protected or not readable by the server.

If you think this is a server error, please contact the webmaster.
Error 403
localhost

Here is my code(I've cut out a lot of the fields to save space): 


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml"> 
<head> 
<title>Admin:List Sport Entries</title> 
<meta http-equiv="content-type" 
content="text/html; charset=iso-8859-1" /> 
<style> 
@import url(css/main.css ); 
</style> 
</head> 
<body> 
<h1>Admin:List Sport Entries</h1> 
<?php 
include_once 'dbcnx.inc.php'; 
$sport = @mysql_query('SELECT * FROM sport'); 
if (!$sport) { 
exit('<p>Error retrieving data from database!<br/>'. 
'Error: ' . mysql_error() . '</p>'); 
} 
if (isset($_POST['name'])): 
// The details have been updated. 
$id = $_POST['id']; 
$name = $_POST['name']; 
$sql = "UPDATE sport SET 
name='$name' 
WHERE id='$id'"; 
if (@mysql_query($sql)) { 
echo '<p>updated.</p>'; 
} else { 
echo '<p>Error updating details: ' . 
mysql_error() . '</p>'; 
} 
?> 
<?php 
else: // populate forms(s) 
while ($result = mysql_fetch_array($sport )) { 
$id = $result['id']; 
$name = $result['name']; 
// Convert special characters for safe use 
// as HTML attributes. 
$name = htmlspecialchars($name); 
//Build form 
echo"<div class='sport_info_group'>"; 
echo'<form action=$_SERVER["PHP_SELF"];" method="post">'; 
echo'<label>ID: <input type="text" name="id" 
value=' . $id .'></label><br />'; 
echo'<label>Name: <input type="text" name="name" 
value=' . $name .'></label><br />'; 
echo'<input type="hidden" name="id" value=' . $id . ' >'; 
echo'<input type="submit" value="UPDATE" /></p>'; 
echo"</form>"; 
echo"</div>"; 
} 
?> 
<?php endif; ?> 
</body> 
</html>

I dont really know where I'm going wrong with this so any help is most appreciated!

Thanks

penders

7:13 am on May 15, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Welcome to webmasterworld :)

Only a guess... do you have mod_security installed on your server? I'd perhaps try changing the names of your input's, instead od using "id" and "name". Also, you seem to have 2 input's with the same name="id" (one hidden, one not).

EDIT: It looks like your form action is malformed... what does the resulting HTML look like? 

echo'<form action=$_SERVER["PHP_SELF"];" method="post">';

I think should be: 

echo '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';

cubes

2:42 pm on May 15, 2008 (gmt 0)

10+ Year Member



Hi penders, thanks for replying. I'm at work at the moment but I'll try changing that form action when i get home. As for the mod_security module, I don't think that's installed, I'm using the xampp package running locally on my home machine so I'm guessing that's not included (at least by default).
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 6:02 pm May 1, 2026