Exception Redirects

sganz · March 7, 2014, 5:00am

Hello -

I am pretty new to yii and have made a great amount of progress looking online for help on my related issues. Now I have one that I’m sure is easy (most things are after you figure them out!).

Here is my problem -

I have a simple yii app that has no login, really when all said and done a form that gets submitted. All the code for login, and related generated code from yiic that was not needed (except error.php) was removed.

The problem is when an exception is thrown I get the 302 redirect loop that redirects back to ‘… /index.php?r=site/login’ until the browser detects the loop and kills the redirect loop.

Also in the single controller that I have I do a default page -




class SiteController extends Controller

{

	public $defaultAction = 'landing';	

...

Which is my main entry point to the app, Again it uses no login or related access controls. Everything is working fine other then working with exceptions.

I found this by accident by testing an ajax action that was checking that it was really an ajax request proper and tossing an exception if not,

I also have this as my action for the error if that matter (I think it was yiic generate), on an exception would like the error page to show with the message.


...

	public function actionError()

	{

		if($error=Yii::app()->errorHandler->error)

		{

			if(Yii::app()->request->isAjaxRequest)

				echo $error['message'];

			else

				$this->render('error', $error);

		}

	}

...

Other then that, I’m not sure why it redirects back to the login action or how to change that behavior…

Thanks for any help or guidance!

Sandy

qianggan · March 7, 2014, 5:15pm

check the access rules in the controller.

If you don’t use login, then change all “@” to “*”, which will not request log in to access all these actions.




	public function accessRules()

	{

		return array(

			/*array('allow',  // allow all users to perform 'index' and 'view' actions

				'actions'=>array('index','view'),

				'users'=>array('*'),

			),*/

			array('allow', // allow authenticated user to perform 'create' and 'update' actions

				'actions'=>array('index','view'),

				'users'=>array('@'),

			),

			array('allow', // allow admin user to perform 'admin' and 'delete' actions

				'actions'=>array('admin','delete','create','update'),

				'users'=>array('@'),

				'expression'=>'Yii::app()->user->role == "admin"',

			),

			array('deny',  // deny all users

				'users'=>array('*'),

			),

		);

	}

sganz · March 7, 2014, 6:30pm

I don’t think that is the issue, here is my accessRules() -


	public function accessRules()

	{

		/*

		* Only allow the 3 pages and the lookup and ajax related functions to be accessable

		*/


		return array(

			array('allow',  // allow all to look at the pages and lookups

				'actions'=>array('landing', 'quote', 'confirmation', 

				'models', 'trims', 'colors', 'dealers', 

				'photomakes', 'photomodel', 'phototrim'),  // added create to all users no login needed 

				'users'=>array('*'),

			),




			array('allow', // allow authenticated user to perform 'create' and 'update' actions

				'actions'=>array('update'),

				//'users'=>array('@'),

				'users'=>array('*'),

			),

			

			array('allow', // allow admin user to perform 'admin' and 'delete' actions

				'actions'=>array('admin','delete'),

				//'users'=>array('admin'),

				'users'=>array('*'),

			),


			array('deny',  // deny all users

				'users'=>array('*'),

			),

		);

	}

And here is the simple exception that I’m tossing, say a users hits the URL without ‘ajax’ present -


if(!isset($_POST['ajax']))

  	throw new CHttpException('WTF - Request denied');

I think when the exception is thrown the framework is expecting to go to a page that is not there and somehow gets into a redirect loop. Might be something I have to do to setup the actions based on an exception but not really sure…

Thanks for the suggestion, I’ll give it some more looking at to see if I can find out more on what is going on.

Sandy

sganz · March 7, 2014, 6:36pm

This might help, was watching the application.log and saw this -


#0 /var/www/yii/framework/web/CController.php(270): CController->missingAction('login')

#1 /var/www/yii/framework/web/CWebApplication.php(282): CController->run('login')

#2 /var/www/yii/framework/web/CWebApplication.php(141): CWebApplication->runController('site/login')

#3 /var/www/yii/framework/base/CApplication.php(180): CWebApplication->processRequest()

#4 /var/www/carro/index.php(13): CApplication->run()

#5 {main}

And again to be clear i have no login view or related (or need for it) and my default page is ‘landing’ which is working fine.

qianggan · March 7, 2014, 7:51pm

Then check if there is any redirect point to itself.

In the code, somehow, you want to redirect to other page, so you don’t use render, but make sure redirect cannot to action itself if you did not designed exit in the controller.

sganz · March 8, 2014, 2:39am

Ok, found the problem!

In my accessRules() their was NO entry for the errorAction() as soon as I added ‘error’ it it generates the ERROR page!!!




...

		return array(

			array('allow',  // allow all to look at the pages and lookups

				'actions'=>array('landing', 'quote', 'confirmation', 

				'models', 'trims', 'colors', 'dealers', 'error', 

				'photomakes', 'photomodel', 'phototrim'),  // added create to all users no login needed 

				'users'=>array('*'),

			),

...

So it seems that the access rule for the errorAction must be defined for it to work. This makes sense after guessing that the Exception eventually does a render on that page.

Thanks for the all the suggestions, got me going to solve the problem!

Sandy