Page 1 of 1

501 Error?

Posted: Thu Oct 07, 2010 10:21 am
by JohnnyNM
Hi Guys,
Looking for some help on an error I can't resolve.

I've written a CMS in PHP which can edit code and save it to an SQL Database. The actual process of it works fine with HTML, text, and other stuff.
However if I submit PHP in the form (which is what the main goal is) I get a 501 error. The next page doesn't even get run, it just flat our errors when I click the button.
I think the inserted PHP is interfering with the php on the page, but I can't see a way to fix it as I have to reload the page before I can process any of the text.

All three of these sections are on the same page, and in this order.

Code: Select all

<!-- EDIT MODULE ------------------------------------------- -->
<?
if (isset($_POST['module_edit']))
	{

	$result = mysql_query("SELECT * FROM c_pages WHERE code = '".$_POST['content_code']."'", $link);
	if ( $result === false ){ echo 'ERROR: COULD NOT ACCESS DATABASE.'; exit; };
	$num_rows = mysql_num_rows($result);

		echo '<form action="'.curPageURL().'" method="post">';
		echo '<h1>Title: <input type="text" name="module_name" value="';
		if ($num_rows != 0){ echo str_replace('_', ' ', mysql_result($result, 0, "name")); };
		echo '" size=60></h1><br>';
		echo '<h1>Content:</h1>';
		echo '<textarea cols="80" id="editor1" name="editor1" rows="40">';
		if ($num_rows != 0){echo mysql_result($result, 0, "content");};
		echo '</textarea> <br>';
		echo '<input type="submit" name="module_edit_save" value="Save Module" />';
		echo '<input type="hidden" name="module_code" value="';
		echo $_POST['content_code'];
		echo '" /></form>';
	}
?>
Ignoring the fact most of this is commented out, it doesn't even get to this code before it errors.

Code: Select all

<!-- MODULE EDIT SAVE -->
<?
if (isset($_POST['module_edit_save']))
	{
		echo $_POST['editor1'];
		$editor1 = $_POST['editor1'];
		//echo '<br>'.$editor1.'<br>';
/*		$query = "UPDATE c_pages SET content='".$editor1."' WHERE code = '".$_POST['module_code']."'";
		$update = mysql_query($query);
			if (!$update) {
				die('<p style="background: #00DD00; padding: 5px;">Text could not be saved.<br>'.mysql_error().'</p><br>');
			}else{
				echo '<p style="background: #00DD00; padding: 5px;">Content text has been saved.</p><br>';
			}
		
		$name = $_POST['module_name'];

		$name = str_replace(' ', '_', $_POST['content_name']);
		$name = preg_replace("/[^a-zA-Z0-9_\s]/", "", $name);

		$query = "UPDATE c_pages SET name='".$name."' WHERE code = '".$_POST['module_code']."'";
		$update = mysql_query($query);
			if (!$update) {
				die('<p style="background: #00DD00; padding: 5px;">Text could not be saved.<br>'.mysql_error().'</p><br>');
			}else{
				echo '<p style="background: #00DD00; padding: 5px;">Content name has been saved.</p><br>';
			}
*/
	};
?>
Main Code Extract.

Code: Select all

...
echo '<input type="hidden" name="content_code" value="'.mysql_result($c_result,$c_counter,"code").'">';
echo '<input type="submit" name="module_edit" value="Edit" />';
...
This bit is the code I'm trying to insert.

Code: Select all

<?php
  // WHERE WOULD YOU LIKE THE SUBMISSIONS SENT?
  $to='marketing@....co.uk';
  $messageSubject='...: Contact Form';

  // MESSAGE ON FORM BUTTON
  $button_message = "Click to send email.";

  // SENDERS CONFIRMATION EMAIL
  $confirmationSubject='www.....co.uk - Contact Form';
  $confirmationBody="\n\nThank you for taking the time to email me.  I'll be in touch shortly.\n";

  $email='';
  $body='';
  $displayForm=true;
  if ($_POST){
    $email=stripslashes($_POST['email']);
    $body=stripslashes($_POST['body']);
    // validate e-mail address
    $valid=eregi('^([0-9a-z]+[-._+&])*[0-9a-z]+@([-0-9a-z]+[.])+[a-z]{2,6}$',$email);
    $crack=eregi("(\r|\n)(to:|from:|cc:|bcc:)",$body);
    if ($email && $body && $valid && !$crack){
      if (mail($to,$messageSubject,$body,'From: '.$email."\r\n")
          && mail($email,$confirmationSubject,$confirmationBody.$body,'From: '.$to."\r\n")){
        $displayForm=false;
?>
<p style="background: #84b1e3;">
Your message was successfully sent. In addition, a confirmation copy was sent to your e-mail address.
</p>
<?php
      }else{ // the messages could not be sent
?>

<p style="background: #84b1e3;">
  Something went wrong when the server tried to send your message.<br>
  This is usually due to a server error, and is not your fault.<br>
  Please try again.  If the error persists please email ...@....co.uk.
</p>
<?php
      }
    }else if ($crack){ // cracking attempt
?>

<p style="background: #84b1e3;">
Your message contained e-mail headers within the message body. This seems to be a cracking attempt and the message has not been sent.
</p>
<?php
    }else{ // form not complete
?>

<p style="background: #84b1e3;">
Your message could not be sent. You must include both a valid e-mail address and a message.
</p>
<?php
    }
  }
  if ($displayForm){
?>
<form action="contact.php" method="post">
  <table border=0>
    <tr>
      <td width=100><label for="email"><p>Your E-mail:</p></label></td>
      <td>
        <input type="text" name="email" id="email" value="<?php echo htmlspecialchars($email); ?>" size="30">
      </td>
    </tr>
    <tr>
      <td><label for="body"><p>Message:</p></label></td>
      <td><textarea name="body" id="body" cols="55" rows="10">
<?php echo htmlspecialchars($body); ?>
</textarea></td>
    </tr>

    <tr><td></td><td id="submit"><button type="submit"><? echo $button_message; ?></button></td></tr>
  </table>
</form>
<?php
  }
?>
Hope you guys can help, cus I'm stumped.
John.

Re: 501 Error?

Posted: Thu Oct 07, 2010 12:07 pm
by Jonah Bron
Do you get the 501 error without inserting the other piece of code? Are there any other errors?

Re: 501 Error?

Posted: Thu Oct 07, 2010 2:12 pm
by JohnnyNM
It's a 501 with a 404 as an addition underneath. However, the page only loops back on itself so I know in reality there can't actually be a 404, as the script that finds the current page is the basis for the entire CMS.
The script processes and saves in every other instance I've tried, but it's being thrown off by the code I'm inputting. :( From what I've been able to work out, the 501 only displays when I put in PHP code.
Any ideas?
Jonah Bron wrote:Do you get the 501 error without inserting the other piece of code? Are there any other errors?

Re: 501 Error?

Posted: Thu Oct 07, 2010 2:14 pm
by Jonah Bron
JohnnyNM wrote:[...] the 501 only displays when I put in PHP code. [...]
The the code you were trying to insert, or any code at all?

Re: 501 Error?

Posted: Thu Oct 07, 2010 2:26 pm
by JohnnyNM
Jonah Bron wrote:The the code you were trying to insert, or any code at all?
Any other code seems to work fine. I have a feeling it's to do with any PHP $_POST command messing up the submission, but it doesn't get to the second step, so I'm unable to slot in slashes or adjust the code before it errors.

Re: 501 Error?

Posted: Thu Oct 07, 2010 8:26 pm
by requinix
The 501 is coming from the server. Have you checked the server to see why it's doing that? (Same for the 404)

Re: 501 Error?

Posted: Fri Oct 08, 2010 5:22 am
by JohnnyNM
tasairis wrote:The 501 is coming from the server. Have you checked the server to see why it's doing that? (Same for the 404)
Not a clue how to?

Re: 501 Error?

Posted: Fri Oct 08, 2010 5:54 am
by requinix
You look at the logs. Apache has a logs/ directory, don't know about IIS.

Re: 501 Error?

Posted: Sat Oct 09, 2010 3:18 pm
by JohnnyNM
tasairis wrote:You look at the logs. Apache has a logs/ directory, don't know about IIS.
Erm... I've searched high and low through my ftp software... no sign of a logs directory. Could it be called anything else?

Re: 501 Error?

Posted: Sat Oct 09, 2010 8:26 pm
by requinix
You can't get to them through FTP.
Shared hosting? Use your cPanel or whatever to look at the logs: called something like "server logs" or "error logs".

Re: 501 Error?

Posted: Mon Oct 11, 2010 7:58 am
by JohnnyNM
tasairis wrote:You can't get to them through FTP.
Shared hosting? Use your cPanel or whatever to look at the logs: called something like "server logs" or "error logs".
This is the only error I can find.. although I think it refers more to the fact it can't find an error page.
[Mon Oct 11 13:52:56 2010] [error] [client 81.136.212.151] File does not exist: /home/northam/public_html/501.shtml, referer: http://www.dosime.co.uk/.../index.php?id=pagemgmt
Any more ideas, frankly I'm stuck. :?

Re: 501 Error?

Posted: Thu Oct 14, 2010 7:16 am
by JohnnyNM
Can any of the Mods help? as I know this site can have php submitted. Do any of you know how it's done?

Re: 501 Error?

Posted: Thu Oct 14, 2010 7:23 am
by Weirdan
That looks like your host runs mod_security (or similar application firewall). Contact them to find out for sure. If this is shared hosting they might be unwilling (or even unable) to turn it off, in which case your only option would be to change the hosting provider.