As I am still working on this... could it be an antispam kind of thing? sending it to 403?

I tried emptying my anti-spam table and updating it but the problem still exists.

I even tried disabling the html checker for posts but I still get a 403 error.

I am able to put a url in the post's body (for the auto URL to use) but I can't add an "a" tag or put a url in the "link to url" part of writing a post.

HELP!

Okay this is weird. BTW a link to your blog helps. Always. What version did you upgrade from? Did you do a complete upgrade or did you try to do "just the files that seem to need updating" upgrade? What hacks, if any, did you try to carry forward during the upgrade process? Without a link we can only guess at what's going on, so here's mine: you've got a strangely corrupted file somewhere.

Anyway you can start shotgunning this problem by grabbing a fresh copy of the zip package and unzipping it, deleting the inc/ folder from your server, and replacing it with the inc/ folder from the new copy you just unzipped. Also I'd do everything in the conf/ folder except your _basic_config.php file. For that I'd edit the new one to reflect the database connection info (and baseurl and admin email and config_is_done lines), then replace the server version with the new one. Also - what the heck - all the files that are part of the root-level for b2evolution.

Thanks, EdB- I'm a big fan!

I upgraded from 0.9.2 and had some installation problems into 1.8.latest so I tried another upgrade to 1.9.2. That's what's running on zimorama.com and dizzysoft.com right now. I completely emptied the site before installing the new files- even between the 1.8 and 1.9 installation.

I had some initial problems with incomplete installation so I tried your suggestion and it didn't seem to help.

New observation- if I try and "preview" a post, the post shows up. When I then post it, I get to a 403.

Are these sites running off the same host? I've no idea what or why, but it seems possible this is a host-related issue.

Okay so login required is frequently a cookie-related issue, though I've no idea why a cookie problem would let you in to the back office and post unless you have a URL in the field for URLs. Anyway the stock answer to cookie issues is to delete the cookies and clear your cache, so I guess it won't hurt to try that. For some reason I doubt it'll help, but ... aw heck just try it through a different browser and the cookie & cache theory is tested without deleting or clearing.

Also I wonder if you're seeing b2evolution's 403 page, or one from somewhere else? b2evolution's says "Sorry, you have no permission to access this section", and if you want to you can edit inc/VIEW/errors/_access_denied.inc.php to put your own text in and see if that's what you're getting. This will help answer if it's the program or your host/server that's beating up your linkability.

Check your .htaccess files and see if you have any access deny statements.

no deny statements in my .htaccess file. Just the suggested b2e access file plus a rewrite for my dizzysoft domain...

RewriteEngine On
RewriteCond %{HTTP_HOST} ^(www\.)?dizzysoft.com*
RewriteCond %{REQUEST_URI} !/dizzysoft/
RewriteRule (.*) dizzysoft/$1

additionally... EdB...

I logged in on a completely different computer and replicated the same results- 403 after posting something with a href (even an href to my own site). In both cases the 403 was the default IE screen, not b2e's.

The plot thickens... when I sent a post by e-mail with a href in it, it posted just fine (my e-mail posts automatically default to "draft" until I post them from the back office- both of which worked fine but neither of which work when I write it in the back office). You can see the post at... http://www.zimorama.com/index.php/2007/03/03/href_test

If it is the server, what can I tell my host? (not that you understand the problem either)

any other ideas? any other suggestions? I'd like to be able to use my blog!

Does the same thing happen if you try and post on the [url=http://demo.b2evolution.net/]demo site[/url]?

¥

it worked just fine through the test-blog both as a title and in the body of the post.

I was thinking it might be my anti-virus/privacy software but this disproves that theory.

Can you pm me a login to your blog so I can try and see what's happening?

¥

Ok, this really is a wierd one.

You can't post http:// anywhere on the post screen (not even as a trackback or a deadline date ) without getting your 403 error, but you're able to post urls in comments and edit them in admin without a problem (which uses the same pages as a post does).

I'm absolutely clueless as to why this is happening, but lets try the easy stuff first.

Go grab a fresh copy of the zip from [url=http://downloads.sourceforge.net/evocms/b2evolution-1.9.2-2007-01-22.zip]here[/url]

Then upload the following files and folders to your server

admin.php
_header.php
/inc/ (and all files and sub folders)

Hopefully that'll cure it.

¥

thanks. I replaced the suggested files again without any change. I am unsure about my FTP program- there seems to be some errors but I can't read them (I am using WS_FTP LE on an XP system). I might try another FTP program.

When reading the files- specifically the file sizes- they are different from my system to the server. Could this be because I am running windows while my server is running linux? When I compare the files, they are identical.

alas- is there any hope?

The file size usually seems a bit smaller on your server, or at least it's that way when I FTP stuff using FileZilla. Which, by the way, is free if you're interested in trying it. The idea that replacing the files twice results in the same error seems odd (you started with a fresh zip package right?), although if it's something about your FTP client setup then it makes sense that it'll keep doing the same thing. Maybe try FileZilla and upload again?

Okay, tried FileZilla (which I used way back in the day of dial-up and loved- it's still great) but it didn't help. I uploaded all the files Yabba suggested once again (after deleting those still on my server) to no avail.

This sucks! It consistently rejects posts with URLs but there doesn't seem to be a reason why. I was able to post a URL but it doesn't like the http added to it (for automatically creating the link or doing it by an "a" tag.

Is there some sort of flow chart to show what functions handle each post so we can trace the post and see where the potential error is occuring? if we were to run some sort of debug on this, would that help?

Thanks again.

Tonight I even tried a new installation of 1.9.3 but it didn't fix anything.

Hi David,
This is liable to be a slow process, but here's how I would start tracking it down.

Crack open inc/control/items/edit_actions.php and find this segment of code (near the top)

// All statuses are allowed for acting on:
$show_statuses = array( 'published', 'protected', 'private', 'draft', 'deprecated' );

switch($action)
{
	case 'create':
		/*
		 * --------------------------------------------------------------------
		 * INSERT POST & more
		 */
		// We need early decoding of these in order to check permissions:
		$Request->param( 'post_status', 'string', 'published' );
		$Request->param( 'post_category', 'integer', true );
		$Request->param( 'post_extracats', 'array', array() );
		// make sure main cat is in extracat list and there are no duplicates
		$post_extracats[] = $post_category;
		$post_extracats = array_unique( $post_extracats );
		// Check permission on statuses:
		$current_User->check_perm( 'cats_post_statuses', $post_status, true, $post_extracats );


		// Mumby funky old style navigation stuff:
		$blog = get_catblog( $post_category );
		param( 'mode', 'string', '' );
		switch($mode)
		{
			case 'sidebar':
				$location="b2sidebar.php?blog=$blog";
				break;

			default:
				$location = url_add_param( $admin_url, "ctrl=browse&blog=$blog&filter=restore" );
				break;
		}
		$AdminUI->title = T_('Adding new post...');


		// CREATE NEW POST:
		$edited_Item = & new Item();

		// Set the params we already got:
		$edited_Item->set( 'status', $post_status );
		$edited_Item->set( 'main_cat_ID', $post_category );
		$edited_Item->set( 'extra_cat_IDs', $post_extracats );

		// Set object params:
		$edited_Item->load_from_Request();

		// For the "Exit to blogs..." link:
		$Blog = $edited_Item->get_Blog();

		// Display <html><head>...</head> section! (Note: should be done early if actions do not redirect)
		$AdminUI->disp_html_head();

		// Display title, menu, messages, etc. (Note: messages MUST be displayed AFTER the actions)
		$AdminUI->disp_body_top();


		// TODO: fp> Add a radio into blog settings > Features > Post title: () required () optional () none
		//       dh> there's no "Features" tab in "Blog settings"?! fp> hehe, it needs to be created (not in 1.9)
		/*
		if( empty($edited_Item->title) )
		{ // post_title is "TEXT NOT NULL" and a title makes sense anyway
			$Messages->add( T_('Please give a title.') );
		}
		*/

		// Post post-publishing stuff:
		param( 'trackback_url', 'string' );
		$post_trackbacks = & $trackback_url;

		$Plugins->trigger_event( 'AdminBeforeItemEditCreate', array( 'Item' => & $edited_Item ) );

		if( $Messages->count('error') )
		{
			echo '<div class="panelinfo">';
			$Messages->display( T_('Cannot post, please correct these errors:') );

			// if we the window has a history, acessible through JS, it gets used.
			// The "Hard POST" form below gets replaced by it.
			// NOTE: as far as I've read in the forums, IE or the like, loses form input on history.back()..
			// fp> hum, it seems that it does for *some* fields. Maybe we should be conservative
			// and use history only on browsers known to work like firefox.
			$Form = new Form(NULL, 'back_to_posts_form');
			$Form->hiddens_by_key( $_POST );
			$Form->begin_form( '', '', array('onsubmit' => 'history.back(); return false;') );
			$Form->button( array( 'value' => T_('Back to post editing'), 'class' => 'ActionButton' ) );
			$Form->end_form();

			echo '</div>';
			break;
		}

		// Display Messages (other than "error"):
		$Messages->display();


		// INSERT NEW POST INTO DB:
		echo '<div class="panelinfo">'."\n";
		echo '<h3>', T_('Recording post...'), "</h3>\n";
		$edited_Item->dbinsert();
		echo "</div>\n";


		// post post-publishing operations:
		if( $edited_Item->status != 'published' )
		{
			echo "<div class=\"panelinfo\">\n";
			echo '<p>', T_('Post not publicly published: skipping trackback...'), "</p>\n";
			echo "</div>\n";
		}
		else
		{ // trackback now:
			trackbacks( $post_trackbacks, $edited_Item->content, $edited_Item->title, $edited_Item->ID);
		}

		// Execute or schedule notifications & pings:
		$edited_Item->handle_post_processing();

		echo '<div class="panelinfo"><p>'.T_('Posting Done...')."</p></div>\n";
		break;

Then add the following just before the $edited_Item->dbinsert(); line add :-

echo 'hello world';
exit();

If you get a 403 rather than "hello world" then move the echo/exit further up that segment of code until you either reach the top or you do get "hello world".

If you do get "hello world" then start moving the echo down that segment of code until you either get a 403 or you hit the final "break;"

If you get all the way down the code with no 403 then I'd move onto the bottom section of code (in the same file) and do the same thing

if( empty( $mode ) )
{ // Normal mode:

	if( ! $Messages->count('error') )
	{ // only display, if there were no errors before:
		echo '<div class="panelinfo">';

		if( isset($location) )
		{
			echo '<p><strong>[<a href="'.$location.'">'.T_('Back to posts!').'</a>]</strong></p>';
		}
		echo '<p>' . T_('You may also want to generate static pages or view your blogs...') . '</p>';
		echo '</div>';
		// List the blogs:
		// Display VIEW:
		$AdminUI->disp_view( 'collections/_blogs_list.php' );

		echo '</div>';
	}
}
else
{ // Special mode:
	?>
	<div class="panelinfo">
		<p><strong>[<a href="?ctrl=edit&amp;blog=<?php echo $blog ?>&amp;mode=<?php echo $mode ?>"><?php echo T_('New post') ?></a>]</strong></p>
	</div>
	<?php
}



// Display body bottom, debug info and close </html>:
$AdminUI->disp_global_footer();

/*
 nolog */
?>

Hopefully that will show exactly where the 403 is being generated which will give a better clue as to the problem/solution

¥

Great idea but it didn't even get to the edit_actions.php file.

I placed the "hello world" all the way up to the if !defined part of the script but still got the 403 error.

I tried the same without an URL and saw the "hello world"- just to make sure it was working.

Aparently, somewhere along the path to get to the edit_actions.php file, things are breaking down when I post a URL.

I'll know the b2e code intimately by the time I'm through fixing this problem, won't I?

shooting in the dark- could this be a php setup issue? you can check my php info in the usual location /install/phpinfo.php from zimorama.com.

You're going to become our resident expert ;)

I wouldn't have thought it'd be a setup issue as you're able to use http:// in your comments, and edit them in admin.

So, lets go even further back and start cracking open a few other files.

Start with /admin.php and repeat the same process, if you get as far as "require $control_path.$ctrl_mappings[$ctrl];" then I'm going to be really confused.

¥

I'm gonna jump back in here and ask some of the "is it plugged in" type questions. Just to make sure...

It's on a web server that is supposed to be available on the internet like almost all webs out there? I mean not a private box or an intranet site.

It's not a 'unique' way to call a web site like something using .htaccess to rewrite and redirect URLs? In other words it's a plain-jane domain name with a very normal-looking URL that actually points to the place it is supposed to find?

It's a reasonably normal host that can support various other php+mysql software packages like WordPress or phpbb2?

Probably nothing, but it never hurts to make sure some simple stuff is out of the way.

Too many questions.... but I am glad for the help

First EdB... HUH!?!

It's not on an intranet but I think its a form of shared hosting (someone renting space from another seller who is renting it to me or something like that) but remember- 0.9.1was working for a year on the same server without any problems. I take that back- they switched the specific server on which I was hosted once I got my second domain name.

That brings me to your second question. I am running two sites from my one installation.The primary site is zimorama.com and that runs the main blog. The second site is dizzysoft.com which is actually the /dizzysoft/ directory on the zimorama domain. We are using an .htaccess file to call the dizzysoft.com domain name. The problem I am running into occurs on the zimorama.com site.

Third- I have no reason to believe this isn't a "reasonably normal host that can support various other php+mysql software packages" because they offer others through the control panel.

Yabba- I will try to work my way through the admin.php page, but it might have to wait a couple days before I have the time- Lost is on tomorrow night and I have to get groceries before it starts.

Thanks again.

Alright, Yabba, I tried your "hello world" suggestion throughout the admin.php file (in the main directory) and still got the error every time.

I think EdB might be on to something. Blog 2 is running off another domain name as generated by an htaccess file. Could this be making problems when I try to post something to blog 3, which runs off the main, zimorama.com domain.

The directions on how to run b2e off multiple domains is very confusing to me (http://manual.b2evolution.net/MultipleDomains) and I am not sure I have all this set up correctly.

Then again, why wouldn't this prevent all posts, rather than just posts with a tag hrefs in them?

I went through the admin and edit_actions.php again, exiting the admin section before each try- to make sure it was running with the change. This didn't help.

I have started to find something to work-arround the problem, however. if I exclude the http: from the url, it works just fine (in an anchor tag and as a link from the title of the entry).

At the same time, whenever I have an [ or ] in the blog, I am getting the 403 error.

What is going on?