A “403-Forbidden Error” occurs after clicking on Form Submit-Button

[michael]

Wordpress: v5.4.2
GeneratePress Premium: v1.10.0
Using the GP-Premium SiteLibrary-MELLOW (modified by me)
===============================

My online site’s several pages are, so far, displaying fine. However, this is the FIRST time I am trying any INSERTS to my custom WordPress table.

A 403-Forbidden error occurs after clicking on Submit-Button on my local laptop development server, using ServerPress-DesktopServer (that I noramlly migrate to live my website).

SITUATION:
-I have SUBMIT FORM code that displays on a section of my Home Page. I have created a PLUGIN that INSERTS the Form Input HTML, via a “wordpress” shortcode in the Home Page HTML.

This looks fine on the website.

I have tested my WordPress Database by manually INSERTING into my “form_signup” table… it works great.

However, When I click on the HTML Submit Button, I get the 403-Forbidden error (regardless of any php processing code that I comment out).

-I have changed ALL Database & WordPress folder files PERMISSIONS to “Everyone”.
-I have SET my WordPress & MySQL database PERMISSIONs to EVERYONE with Read/Write access.
-I have RECREATED the .htaccess file.

The above error still displays !!!

I think somewhere I am not SETTING the WordPress security/permission to allow a USER to Insert into my form table?????

Please Help.

>>>>>>>>>>>>>> 403 Error after CLICKING Submit Button: >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Forbidden
You don’t have permission to access /< on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

Apache/2.4.37 (Win32) OpenSSL/1.1.1a PHP/7.3.1 Server at http://www.cucme123.dev.cc Port 80

====== My Home Page includes the following code to display the Signup Form ============================================

[cucme_contact_form]

>>>> BEGIN >>>>> My plugin code >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
<?php
/*
Plugin Name: cucme_contact_form

Description: Global functions
Version: 0.1.0
Author: MEH

*/

/* Web Security to thwart unatuthorized entrance */
defined( ‘ABSPATH’ ) or die( “Hey you can\’t access this file silly !” );

echo ‘<script language=”javascript”>’;
echo ‘alert(“inside TOP cucme_contact_form.php”)’;
echo ‘</script>’;

$not_human = “Human verification incorrect.”;

//response generation function

$response = “”;

//function to generate response
function my_contact_form_generate_response($type, $message){

global $response;

if($type == “success”) $response = “

{$message}

“;
else $response = “

{$message}

“;
}

//response messages
$not_human = “Human verification incorrect.”;
$missing_content = “Please supply all information.”;
$email_invalid = “Email Address Invalid.”;
$message_unsent = “Message was not sent. Try Again.”;
$message_sent = “Thanks! Your message has been sent.”;

//user posted variables
$email = (isset($_POST[’email’]) ? $_POST[’email’] : ”);
$name = (isset($_POST[‘name’]) ? $_POST[‘name’] : ”);
$gender = (isset($_POST[‘gender’]) ? $_POST[‘gender’] : ”);
$age = (isset($_POST[‘age’]) ? $_POST[‘age’] : ”);
$city = (isset($_POST[‘city’]) ? $_POST[‘city’] : ”);
$state = (isset($_POST[‘state’]) ? $_POST[‘state’] : ”);
$country = (isset($_POST[‘country’]) ? $_POST[‘country’] : ”);
$personality = (isset($_POST[‘personality’]) ? $_POST[‘personality’] : ”);

// >>>>> debug >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
$signup_form_input = ‘\$email: ‘ . $email
. ‘\n\$name: ‘ . $name
. ‘\n\$gender: ‘ . $gender
. ‘\n\$age: ‘ . $age
;

echo ‘<script language=”javascript”>’;
//echo “alert(‘\$not_human: $not_human’)”;
echo “alert(‘$signup_form_input’)”;
echo ‘</script>’;
// <<<<< debug <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

$human = (isset($_POST[‘human’]) ? $_POST[‘human’] : ”);
$submitted = (isset($_POST[‘submitted’]) ? $_POST[‘submitted’] : ”);

//php mailer variables
$to = get_option(‘admin_email’);
$subject = “Someone sent a message from “.get_bloginfo(‘name’);
$headers = ‘From: ‘. $email . “\r\n” .
‘Reply-To: ‘ . $email . “\r\n”;

if(!$human == 0){
if($human != 2) my_contact_form_generate_response(“error”, $not_human); //not human!
else {

//validate email
if(!filter_var($email, FILTER_VALIDATE_EMAIL))
my_contact_form_generate_response(“error”, $email_invalid);
else //email is valid
{
//validate presence of name and message
if(empty($name) || empty($message)){
my_contact_form_generate_response(“error”, $missing_content);
}
else //ready to go!
{
$sent = wp_mail($to, $subject, strip_tags($message), $headers);
if($sent) my_contact_form_generate_response(“success”, $message_sent); //message sent!
else my_contact_form_generate_response(“error”, $message_unsent); //message wasn’t sent
}
}
}
}
else if ($_POST[‘submitted’]) my_contact_form_generate_response(“error”, $missing_content);

function cucme_contact_form() {
$content = ‘
<style type=”text/css”>
.error{
padding: 5px 9px;
border: 1px solid red;
color: red;
border-radius: 3px;
}

.success{
padding: 5px 9px;
border: 1px solid green;
color: green;
border-radius: 3px;
}

</style>

<?php echo $response; ?>’;

$content2 =
‘<form action=”<?php the_permalink(); ?>” id=”form-action” method=”post”>
<p class=”form-label”><label for=”message_email”>Email: <input type=”text” name=”message_email” id=”signup-input-email” class=”inputbox” value=””></label></p>
<p class=”form-label”><label for=”message_name”>Name: <input type=”text” name=”message_name” id=”signup-input-name” class=”inputbox” value=””></label></p>
<p class=”form-label”><label for=”message_gender”>Gender: <input type=”text” name=”message_gender” id=”signup-input-gender” class=”inputbox” value=””></label></p>
<p class=”form-label”><label for=”message_age”>Age: <input type=”text” name=”message_age” id=”signup-input-age” class=”inputbox” value=””></label></p>
<p class=”form-label”><label for=”message_city”>City: <input type=”text” name=”message_city” id=”signup-input-city” class=”inputbox” value=””></label></p>
<p class=”form-label”><label for=”message_state”>State/Region: <input type=”text” name=”message_state” id=”signup-input-state” class=”inputbox” value=””></label></p>
<p class=”form-label”><label for=”message_country”>Country: <input type=”text” name=”message_country” id=”signup-input-country” class=”inputbox” value=””></label></p>
<p class=”form-label”><label for=”message_personality”>Personality Type: <input type=”text” name=”message_personality” id=”signup-input-personality” class=”inputbox” value=””></label></p>

<p class=”form-label”><label for=”message_human”>Human Verification: <input type=”text” id=”human-verify” class=”inputbox” name=”message_human”> + 3 = 5</label></p>

<input type=”hidden” name=”submitted” value=”1″>
<p class=”form-submit”><input type=”submit” id=”submit-button”></p>

</form>

‘;

return $content . $content2;
}
add_shortcode(‘cucme_contact_form’, ‘cucme_contact_form’); /* short code, function called */

//////////////////////////////////////
// Form Insert into table=form_signup
if (isset($_POST[‘submitted’])) {

echo ‘<script language=”javascript”>’;
echo ‘alert(“if (isset($_POST[submitted])) “)’;
echo ‘</script>’;

global $wpdb;

$data_array = array (
’email’ => $_POST[’email’],
‘name’ => $_POST[‘name’],
‘gender’ => $_POST[‘gender’],
‘age’ => $_POST[‘age’],
‘city’ => $_POST[‘city’],
‘state’ => $_POST[‘state’],
‘country’ => $_POST[‘country’],
‘personality’ => $_POST[‘personality’]
);

$table_name = ‘form_signup’;

$rowResult = $wpdb->insert($table_name, $data_array, $format=NULL);

// return row insert result
if($rowResult == 1) {
echo ‘<h1>Form Submit Successfully in DB<h1>’;
} else {
echo ‘error form submisiion !!!’;
}
};

function cucme_hide_page09_launchgame() {
$content = ‘
<style type=”text/css”>
.site-header {
display: none;
}

</style>’;

return $content;
}

add_shortcode(‘cucme_hide_page09_launchgame’, ‘cucme_hide_page09_launchgame’); /* short code, function called */

?>

<<<< END <<<<< My plugin code <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

======== My WordPress Database form_signup Table structure ================================================================

# Name Type Collation Attributes Null Default Comments Extra Action
1 id PrimaryIndex int(11) No None AUTO_INCREMENT Change
2 email text utf8_unicode_ci Yes NULL
3 name text utf8_unicode_ci Yes NULL
4 gender text utf8_unicode_ci Yes NULL
5 age tinyint(4) Yes NULL
6 city text utf8_unicode_ci Yes NULL
7 state text utf8_unicode_ci Yes NULL
8 country text utf8_unicode_ci Yes NULL
9 personality text utf8_unicode_ci Yes NULL

[michael]

I want ALL users to optionally be able to Submit ANY one field or all fields on the submit form–WITHOUT Requiring them to Login or Register in any way.

[Leo]

Hi Michael,

Sorry but I’m not seeing this would be a GP related issue?

Sounds like it’s an issue with your code/plugin and would happen with any themes.

Let me know if I’m missing something.

Documentation: http://docs.generatepress.com/
Adding CSS: http://docs.generatepress.com/article/adding-css/

[michael]

OK Thanks for getting back to me Leo, now I can rule out GeneratePress.

I will check with the WordPress forums to get some tips.

I thought it might be a simple fix that I just don’t know about.

-Namaste

[Leo]

No problem 🙂

Documentation: http://docs.generatepress.com/
Adding CSS: http://docs.generatepress.com/article/adding-css/

[Author]

Posts