0

Problem I have is that I cannot update records in my CakePHP 3.8 application, that it's installed on live server. On my development server it works fine.

I can insert new, I can delete, I can select, but I am unable to update any record.

(Of course, MySQL user have right to update records.)

This is how edit action works, and part of code that is never reached:

public function edit($id = null)
    {
        $activity = $this->Activities->get($id, [
            'contain' => []
        ]);
    if ($this->request->is(['patch', 'post', 'put'])) {

        // **** THIS PART OF CODE IS NOT EXECUTED AFTER UPDATE

        $activity = $this->Activities->patchEntity($activity, $this->request->getData());
        if ($this->Activities->save($activity)) {
            $this->Flash->success(__('The {0} has been saved.', 'Activity'));
            return $this->redirect(['action' => 'index']);
        }
        $this->Flash->error(__('The {0} could not be saved. Please, try again.', 'Activity'));
    }
    $lodges = $this->Activities->Lodges->find('list', ['limit' => 200]);
    $clients = $this->Activities->Clients->find('list', ['limit' => 200]);
    $this->set(compact('activity', 'lodges', 'clients'));
}

I checked with pr($this->request), and there is no 'patch', 'post', or 'put' method when trying to update record, only 'get'. But why 'get'?

Is there something with CSRF Component of CakePHP 3.8?

Can you help me with this one please?

Thank you in advance!

UPDATED: this is my form:

<?php echo $this->Form->create($activity, ['role' => 'form']); ?>  
  <div class="box-body">
    <?php
      echo $this->Form->control('name');
      echo $this->Form->control('description');
      echo $this->Form->control('price_1');
      echo $this->Form->control('price_1_name');
      echo $this->Form->control('price_2');
      echo $this->Form->control('price_2_name');
    ?>
    </div>
    <!-- /.box-body -->
    <?php echo $this->Form->submit(__('Submit')); ?>
    <?php echo $this->Form->end(); ?>

And, also, I have same problem with every update form in this application, on live server. On development server it works fine.

UPDATE 2:

In mod security log files, I get the message:

Request:POST /locations/edit/3 Action Description: Access denied with code 403 (phase 2). Justification: String match "cakephp" at REQUEST_COOKIES_NAMES:CAKEPHP.

I added following line in bootstrap.php and app.php, but error message remains the same:

   Configure::write('Session', [
        'defaults' => 'php',
        'cookie'=>'NICK',
    ]);
user198003
  • 11,029
  • 28
  • 94
  • 152
  • You seem to access the action by get, which is via param in the url. For reaching the if ($this->request->is(['patch', 'post', 'put'])) part you need to make sure you're using http's patch/post/put methods (f.e using a Form with post data). See https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods – polyte Nov 08 '19 at 16:52
  • It is - it's "normal" Cakes form, baked by cake command. Also, like I said, this works on my local server, but not on live. So I guess that is something on live server that is not enabled or it is wrong configured. I added in my primary post how my form looks like. – user198003 Nov 09 '19 at 07:51

1 Answers1

1

So, solution is this:

Yes, like I wrote, I needed to add next in app.php:

Configure::write('Session', [
'defaults' => 'php',
'cookie'=>'NICK',
]);

And after that to delete cookies in the browser.

Hope it will help to somebody, I was really struggle to solve this.

user198003
  • 11,029
  • 28
  • 94
  • 152