Version: 2.10.1 Reporter: IRIS_HQ —
This is an archived bug report. If you are experiencing a similar issue, upgrade to the latest release and if that does not solve the problem, submit a new bug report
EE provides the ability to create a custom 404 error page. However, it does not provide the ability to create custom 401 or 403 HTTP code error pages, unlike other web development frameworks, yet it uses HTTP authentication and authorization throughout the CMS. Searching the EE core shows where this is implemented, and it seems very much like a sledgehammer approach.
In system/expressionengine/libraries/Auth.php
132 // --------------------------------------------------------------------
133
134 /**
135 * Authenticate from basic http auth
136 *
137 * @access public
138 */
139 public function authenticate_http_basic($not_allowed_groups = array(),
140 $realm='Authentication Required')
141 {
142 $always_disallowed = array(2, 3, 4);
143
144 $not_allowed_groups = array_merge($not_allowed_groups, $always_disallowed);
145
146 $authed = $this->_retrieve_http_basic();
147
148 if ($authed !== FALSE)
149 {
150 if (in_array($authed->member('group_id'), $not_allowed_groups))
151 {
152 $authed = FALSE;
153 }
154 }
155
156 if ($authed === FALSE)
157 {
158 @header('WWW-Authenticate: Basic realm="'.$realm.'"');
159 ee()->output->set_status_header(401);
160 @header("Date: ".gmdate("D, d M Y H:i:s")." GMT");
161 exit("HTTP/1.0 401 Unauthorized");
162 }
163
164 return TRUE;
165 }
The code uses the PHP exit() function to dump out a string. There is no way to actually subclass this functionality and create a custom 401 or 403 error page.
Note: I cannot even find a place where 403 errors are handled.
Please fix this bug, or at the very least give the control of error document handling back to Apache. Right now EE hijacks the process.
ExpressionEngine implements Markdown Extra and BBCode. Please see the Markdown Extra docs and the BBCode Wikipedia article for a full reference.
**bold**
, __bold__
, *italics*
, _italics_
, ~strike/del~
, `code()`
bold, italics, strike/del, code()
Link: [link title](https://example.com)
Image: ![alt text](https://example.com/image.jpg)
[blockquote]...[/blockquote]
, [quote]...[/quote]
, and Markdown style:
> Some quoted text. > > This is all one quote.
[code]...[/code]
, and you can also specify the language for syntax highlighting, [code=php]...[/code]
GitHub flavored Markdown code fences are also supported:
``` public function decoderRing($str) { return str_rot13($str); } ```