Forbidden error

namrata

Hi frenz,

After posting a resume form of my application i am getting this error

"403 Forbidden/You don't have permission to access/formmail.php on this server" ___ Apache/2.0.51(Fedora)

though i have checked file permission in server,any help will be appretiated.
Thanks

laserlight

The permissions of that file was not set to allow everyone to read it.

namrata

how to permit all users to view the file then??

dec_alpha

I'm able to register new users into this helpdesk program I'm using. Registration is successful but when I attempt to login and click submit I receive the following error:

Forbidden
You don't have permission to access /< on this server.

Apache/1.3.27 Server at www.somenet.com Port 5190

Here is the index.php code:

<?php
//access_logger.php
include "./common_db.inc";
$exclude_dirs = array('/', '/info', '/contact');
$exclude_files = array('index.html', 'info.html', 'index.php');
$user_tablename = 'users';
$access_log_tablename = 'access_log';

function login_form() {
global $PHP_SELF;

?>

<TITLE>Welcome to My Development Site</TITLE>
</HEAD>
<body background='black'>
<BODY bgcolor="#000000" text="#FFFFFF" LINK="#0000FF" VLINK="#0000FF" ALINK="#000000">
<FORM METHOD="POST" ACTION="<? print("$PHP_SELF"); ?>

<table width="100%" background=''>
<tr>

</td>
</tr>

  </table>
 <b>

</b></font>
</td>
</tr>
</table>

  <table width="100%" background='' cellpadding=0 cellspacing=0 border=0>
   <tr>
    <td align=left>

    </td>
   </tr>

</font>

</table>

<td>
<div align='center'>
<font face="Century Gothic" color="black"><strong>Helpdesk</strong>
<br>
<br>
<font size="3" face="Century Gothic">     User ID:
<INPUT TYPE="TEXT" NAME="userid" SIZE="10" maxlength='10'>
<br>
<br>
Password:
<INPUT TYPE="Password" NAME="userpassword" SIZE="10" maxlength='10'>
<br>
<br>
</font>
</td>

function bulinker(where) {
top.location = where
}
//-->

</script>
<form>
<INPUT TYPE="SUBMIT" VALUE="Logon" NAME="Submit">
<input type="button"onclick="bulinker('http://localhost:5190/register.php')"
value="New Member">
</form>
</font>
</td>
</tr>
</table>
<br>
<br>
<br>
</p>
<div align="right">
</div>
<br>
<br>
<br>
<br><br>
<br>
<br>
<a href='http://www.apache.com'><img src="apache.gif" border='none' /></a> <br><br>
  © Copyright 2003-2009 by <a href="mailto:vinpagano@hotmail.com" style="text-decoration: none">Vincenzo Pagano</a>
<br>
</CENTER>

</div>

</FORM>

</BODY>
</HTML>

<?php
}

function do_authentication() {
global $PHP_AUTH_USER, $PHP_AUTH_PW, $PHP_SELF;
global $userid, $userpassword, $register_script;
global $default_dbname, $user_tablename, $access_log_tablename;
global $MYSQL_ERROR, $MYSQL_ERRNO;

if(!isset($userid)) {
login_form();
exit;
}
else session_register("userid", "userpassword");

$link_id = db_connect($default_dbname);
$query = "SELECT userid FROM $user_tablename
WHERE userid = '$userid'
AND userpassword = password('$userpassword')";
$result = mysql_query($query);
if(!mysql_num_rows($result)) {
session_unregister("userid");
session_unregister("userpassword");

  echo "<h1><body background=''bgcolor='#000000' link='blue' alink='#008FFF' vlink='#008FFF'>
  <img src='disgruntled.gif' width='10%'/>&nbsp;&nbsp;<font color='#FFFFFF'>Authorization failed. &nbsp;&nbsp;&nbsp;&nbsp;      
   </h1><img src='failed.bmp' align='left' width='20%'/>" .

  "<p>You must enter a valid userid and password combo.<BR> " .
    "Click on the following link to try again.<BR>\n";

echo"
<script language='Javascript'>
function bulinker(where) {
top.location = where
}

 </script>

<form>
<input type='button'onclick='bulinker('http://localhost:5190/index.php')'
value='< Back to Login'>
</form>";
exit;

}
else {
$query = "UPDATE $user_tablename SET lastaccesstime = NULL
WHERE userid = '$userid'";
$result = mysql_query($query);

  $num_rows = mysql_affected_rows($link_id);
  if($num_rows != 1) die(sql_error());

  $query = "SELECT userid FROM $access_log_tablename
                        WHERE page = '$userid'
                        AND userid = '$userpassword'";      
  $result = mysql_query($query);

  if(!mysql_num_rows($result)) 
     $query = "INSERT INTO $access_log_tablename 
                     VALUES ('$PHP_SELF', '$userid', 1, NULL)";
  else $query = "UPDATE $access_log_tablename 
                 SET visitcount = visitcount + 1, accessdate = NULL 
                 WHERE page = '$PHP_SELF' AND userid = '$userid'";

  mysql_query($query);

  $num_rows = mysql_affected_rows($link_id);
  if($num_rows != 1) die(sql_error());

}
}

$filepath = dirname($PHP_SELF);
$filename = basename($PHP_SELF);

if($filepath == '') $filepath = '/';

$auth_done = 0;

for($j=0; $j < count($exclude_dirs); $j++) {
if($exclude_dirs[$j] == $filepath) break;
else {
for($i=0; $i< count($exclude_files); $i++) {
if($exclude_files[$i] == $filename) break;
else {
session_start();
do_authentication();
$auth_done = 1;
break;
}
}
}
if($auth_done) break;
}

if($userid == 'tpiro'){?>
<html>
<body bgcolor="FFFFFF" text='black'>
<font face='Century Gothic'size='4'>Welcome <em><b><?php print( "$userid" );?></b></em> to the administrator page!</font>
<br>
<div align='left'><br>Today is <b><font><?php echo date("F j, Y");?>  
<?php echo date("h:i A");?>
 EST
</td></b></font></b><br></div>
<br>
<img src='administrator.jpg'align="left"/>
<div align='left'>
<body bgcolor='white' link='black' alink='black' vlink='black'>
 
<h3>    

<font face='Times New Roman'size='2'><a href='log_database.php'>View Records</a>|
<a href='form2.php'>Create A Form</a>|
<a href ='userviewer.php'>View Users</a>|
<a href='mailto:''>Email</a>|
<a href='logoff.html'>  Logout</a>
</div>
</font>
</body>
</h3>
</html>

<?php }

else {
?>

<html>
<body bgcolor='FFFFFF'link='#blue' alink='blue' vlink='blue'>
<font face='Arial'>Welcome</font> <b><?php print("$userid");?></b><font face='Arial'> to the users page.</font>
<br>
<hr>
<br>
<br>
<div align='center'>
<img src='create.jpg' width='8%'/>
<a href ='form2.php'>Create a form</a>
<br>
<br>
<br>
<a href='http://localhost:5190/index.php'>Logoff</a>
</div>
</body>
</html>

<?php
}
?>