Emulate a 403 error page
I know you can send a header that tells the browser this page is forbidden like:
header('HTTP/1.0 403 Forbidden');
But how can I also display the custom error page that has been created on the server for this type of error?
By default, just sending the header displays a white pa开发者_运维知识库ge, but I remember a while back reading that you can use the customer error page. Does anybody know?
Just echo your content after sending the header.
header('HTTP/1.0 403 Forbidden');
echo 'You are forbidden!';
http_response_code was introduced in PHP 5.4 and made the things a lot easier!
http_response_code(403);
die('Forbidden');
Include the custom error page after changing the header.
For this you must first say for the browser that the user receive an error 403. For this you can use this code:
header("HTTP/1.1 403 Forbidden" );
Then, the script send "error, error, error, error, error.......", so you must stop it. You can use
exit;
With this two lines the server send an error and stop the script.
Don't forget : that emulate the error, but you must set it in a .htaccess file, with
ErrorDocument 403 /error403.php
Seen a lot of the answers, but the correct one is to provide the full options for the header function call as per the php manual
void header ( string $string [, bool $replace = true [, int $http_response_code ]] )
If you invoke with
header('HTTP/1.0 403 Forbidden', true, 403);
the normal behavior of HTTP 403 as configured with Apache or any other server would follow.
I have read all the answers here and none of them was complete answer for my situation (which is exactly the same in this question) so here is how I gathered some parts of the suggested answers and come up with the exact solution:
- Land on your server's real 403 page. (Go to a forbidden URL on your server, or go to any 403 page you like)
- Right-click and select 'view source'. Select all the source and save it to file on your domain like: http://domain.com/403.html
- now go to your real forbidden page (or a forbidden situation in some part of your php) example: http://domain.com/members/this_is_forbidden.php
echo this code below before any HTML output or header! (even a whitespace will cause PHP to send HTML/TEXT HTTP Header and it won't work) The code below should be your first line!
<?php header('HTTP/1.0 403 Forbidden'); $contents = file_get_contents('/home/your_account/public_html/domain.com/403.html', TRUE); exit($contents);
Now you have the exact solution. I checked and verified with CPANEL Latest Visitors and it is registered as exact 403 event.
.htaccess
ErrorDocument 403 /403.html
To minimize the duty of the server make it simple:
.htaccess
ErrorDocument 403 "Forbidden"
PHP
header('HTTP/1.0 403 Forbidden');
die(); // or your message: die('Forbidden');
Use ModRewrite:
RewriteRule ^403.html$ - [F]
Just make sure you create a blank document called "403.html" in your www root or you'll get a 404 error instead of 403.
I understand you have a scenario with ErrorDocument already defined within your apache conf or .htaccess and want to make those pages appear when manually sending a 4xx status code via php.
Unfortunately this is not possible with common methods because php sends header directly to user's browser (not to Apache web server) whereas ErrorDocument is a display handler for http status generated from Apache.
Refresh the page after sending the 403:
<?php
header('HTTP/1.0 403 Forbidden');
?>
<html><head>
<meta http-equiv="refresh" content="0;URL=http://my.error.page">
</head><body></body></html>
精彩评论