Jump to content

Non SuperUser can't upload Images: Unexpected token

Recommended Posts

Hi i'm having a recurrent problem I found on this forum: when using the image uploader I get the following error on console "Unexpected token < in JSON". But I couldn't solve it with any of the other proposed solutions:

  • setting debug to true
  • setting $config->uploadTmpDir = dirname(__FILE__) . '/assets/uploads/';
  • setting uploadTmpDir in php.ini


BUT This problem only appears for non superuser users (ie editors).

Running on a Digitial Ocean Server with NGINX and PHP 7.1. Version is ProcessWire 3.0.62

Note: Im using Fredi plugin, but i doubt that's the problem because I'm using it in other sites with no problem


Any idea how i could solve this (even with non ajax image upload) I need to sort this as fast and simple as possible :)

Thanks in advance

Share this post

Link to post
Share on other sites

It looks like there is a PHP error message breaking the JSON - you need to go into your dev console and click on the image upload ajax call and go to the response tab.

  • Like 2

Share this post

Link to post
Share on other sites

Thanks @adrian

You made me realize I had code executing on ready.php which was embedding css in the admin page, hence the unexpected <

Others postings led me to think it was a system problem, rather than my own code. 

  • Like 1

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By Spiria
      I am writing here instead of the ProCache forum because I have the impression that several nginx experts could solve this. In its new version, Procache proposes new .htaccess rules that are difficult to translate into nginx rules. We currently have a problem with the trailing slash of URLs which gives us a bad score in SEO analysis tools such as semrush.com. 
      Indeed, a canonical URL is either without or with "/", but cannot be served by both options. Although ProcessWire without ProCache respects this rule, ProCache has no difficulty serving both, which is considered an SEO optimisation fault. I believe that ProCache version 2 solves this problem with these new rules, but I can't understand the following. Does anyone have any idea how to translate this into a nginx rule?
      Attached also the whole proposed .htaccess for ProcessWire.
      # PROCACHE v2/31885be14d6cfb4b2b0d3e533260bded -------------------------------------------------- RewriteCond %{REQUEST_METHOD} !=POST RewriteCond %{QUERY_STRING} !.*=.* RewriteRule ^.*/$ - [E=pwpcstep:pour,E=pwpcname:index] RewriteCond %{ENV:pwpcstep} "=pour" RewriteCond %{HTTP_COOKIE} !^.*(wire_challenge|wires_challenge).*$ RewriteRule ^.*/$ - [E=pwpcstep:stir,E=pwpcpath:%{DOCUMENT_ROOT}/site/assets/ProCache-00478359c5e65dbada1075bfbd4] RewriteCond %{ENV:pwpcstep} "=stir" RewriteCond %{ENV:pwpcpath}/$0/%{ENV:pwpcname}.html -f RewriteRule ^.*$ - [E=pwpcstep:drink,E=pwpcfile:$0/%{ENV:pwpcname}.html] RewriteCond %{ENV:pwpcstep} "=drink" RewriteRule ^(.*) %{ENV:pwpcpath}/%{ENV:pwpcfile} [L] <ifModule mod_headers.c> Header set X-PWPC "ProCache" env=pwpcstep Header set X-Powered-By "ProcessWire CMS, ProCache" env=pwpcstep </ifModule> RewriteCond %{REQUEST_URI} "^/~?[-_.a-zA-Z0-9/]*$" # /PROCACHE -------------------------------------------------------------------------------------  
    • By anttila
      I have a new server and wanted to use nginx. However, I have two ProcessWire websites which does not let me do anything. I'll get this error every time when I try to change something and sometimes when logging in. Deleted all caches already from ProcessWire and browser. This also happens after installing new ProcessWire and all directories were owned by www-data.
      I also have two working websites without any problems and all these four uses same kind of setting on nginx config. I don't understand why some of those working fine and some not.
      Running Debian 10, MariaDB 10.3.22, PHP 7.4, nginx 1.14.2
      This request was aborted because it appears to be forged. #0 /sites/clients/clientname/wire/modules/Process/ProcessPageTrash.module(49): ProcessWire\SessionCSRF->validate() #1 /sites/clients/clientname/wire/core/Wire.php(380): ProcessWire\ProcessPageTrash->___execute() #2 /sites/clients/clientname/wire/core/WireHooks.php(823): ProcessWire\Wire->_callMethod() #3 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks() #4 /sites/clients/clientname/wire/core/ProcessController.php(337): ProcessWire\Wire->__call() #5 /sites/clients/clientname/wire/core/Wire.php(380): ProcessWire\ProcessController->___execute() #6 /sites/clients/clientname/wire/core/WireHooks.php(823): ProcessWire\Wire->_callMethod() #7 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks() #8 /sites/clients/clientname/wire/core/admin.php(150): ProcessWire\Wire->__call() #9 /sites/clients/clientname/wire/modules/AdminTheme/AdminThemeDefault/controller.php(13): require('/sites/clients/...') #10 /sites/clients/clientname/site/templates/admin.php(15): require('/sites/clients/...') #11 /sites/clients/clientname/wire/core/TemplateFile.php(318): require('/sites/clients/...') #12 /sites/clients/clientname/wire/core/Wire.php(380): ProcessWire\TemplateFile->___render() #13 /sites/clients/clientname/wire/core/WireHooks.php(823): ProcessWire\Wire->_callMethod() #14 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks() #15 /sites/clients/clientname/wire/modules/PageRender.module(536): ProcessWire\Wire->__call() #16 /sites/clients/clientname/wire/core/Wire.php(383): ProcessWire\PageRender->___renderPage() #17 /sites/clients/clientname/wire/core/WireHooks.php(823): ProcessWire\Wire->_callMethod() #18 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks() #19 /sites/clients/clientname/wire/core/WireHooks.php(924): ProcessWire\Wire->__call() #20 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks() #21 /sites/clients/clientname/wire/modules/Process/ProcessPageView.module(213): ProcessWire\Wire->__call() #22 /sites/clients/clientname/wire/core/Wire.php(383): ProcessWire\ProcessPageView->___execute() #23 /sites/clients/clientname/wire/core/WireHooks.php(823): ProcessWire\Wire->_callMethod() #24 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks() #25 /sites/clients/clientname/index.php(55): ProcessWire\Wire->__call() #26 {main}  
    • By Sten
      Although I use a config on an other of my sites that works well. An error 500 is driving me nuts.
      Coul someone have a look on my config
      server { listen 80; server_name attente.xyz; rewrite ^ https://$server_name$request_uri? permanent; } server { listen 443 ssl; server_name attente.xyz; ssl_certificate /etc/letsencrypt/live/krouus.company/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/krouus.company/privkey.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Activer le ciphers et mettre ceux autorisés (je vous laisse faire de plus amples recherches pour ça ;) ) ssl_prefer_server_ciphers on; ssl_ciphers 'DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-CAMELLIA256-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-CAMELLIA128-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256'; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; # La fameuse clé générée en dernier ssl_dhparam /etc/nginx/dhparam.pem; # Ajout d'une règle http add_header Strict-Transport-Security "max-age=31536000;"; root /var/www/attente.xyz/html; index index.php index.html index.htm; location / { # try_files $uri $uri/ /index.php?it=$uri&$args; try_files $uri /index.php$is_args$args; fastcgi_pass unix:/run/php/php7.0-fpm.sock; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_intercept_errors on; fastcgi_ignore_client_abort off; fastcgi_connect_timeout 60; fastcgi_send_timeout 180; fastcgi_read_timeout 180; fastcgi_buffers 4 256k; fastcgi_buffer_size 128k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; } location ~ \.php$ { #try_files $uri =404; include snippets/fastcgi-php.conf; include /etc/nginx/fastcgi_params; fastcgi_pass unix:/run/php/php7.0-fpm.sock; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; # .htaccess 10. fastcgi_param HTTP_MOD_REWRITE On; fastcgi_param X-Real-IP $remote_addr; fastcgi_param X-Forwarded-For $remote_addr; fastcgi_param Host $host; } location ~* \.(?:css|gif|htc|ico|js|jpe?g|png|swf|svg|ttf|eot|woff|less|pdf)$ { #expires max; log_not_found off; ## No need to bleed constant updates. Send the all shebang in one ## fell swoop. tcp_nodelay off; ## Set the OS file cache. open_file_cache max=1000 inactive=120s; open_file_cache_valid 45s; open_file_cache_min_uses 2; open_file_cache_errors off; valid_referers attente.xyz; ##ajout ProcessWire expires 24h; #log_not_found off; access_log off; try_files $uri /index.php?it=$uri&$args; } # .htaccess 8.1 charset utf-8; # .htaccess 3. location = /favicon.ico { log_not_found off; access_log off; } location = /robots.txt { log_not_found off; access_log off; } # .htaccess 4. # add_header X-Frame-Options SAMEORIGIN always; # Set by ProcessWire core add_header X-XSS-Protection "1; mode=block"; # add_header X-Content-Type-Options "nosniff"; # ----------------------------------------------------------------------------------------------- # .htaccess 5. # ----------------------------------------------------------------------------------------------- # Block access to ProcessWire system files location ~ \.(inc|info|info\.json|module|sh|sql)$ { deny all; } # Block access to composer files location ~ composer\.(json|lock)$ { deny all; } # Block access to any file or directory that begins with a period (except well-known) location ~ (^|/)\.(?!well-known)|^\..*$ { deny all; } # ----------------------------------------------------------------------------------------------- # .htaccess 15. # ----------------------------------------------------------------------------------------------- # Block access to protected assets directories location ~ ^/(site|site-[^/]+)/assets/(cache|logs|backups|sessions|config|install|tmp)($|/.*$) { deny all; } # Block acceess to the /site/install/ directory location ~ ^/(site|site-[^/]+)/install($|/.*$) { deny all; } # Block dirs in /site/assets/ dirs that start with a hyphen location ~ ^/(site|site-[^/]+)/assets.*/-.+/.* { deny all; } # Block access to /wire/config.php, /site/config.php, /site/config-dev.php, and /wire/index.config.php location ~ ^/(wire|site|site-[^/]+)/(config|index\.config|config-dev)\.php$ { deny all; } # Block access to any PHP-based files in /templates-admin/ location ~ ^/(wire|site|site-[^/]+)/templates-admin($|/|/.*\.(php|html?|tpl|inc))$ { deny all; } # Block access to any PHP or markup files in /site/templates/ location ~ ^/(site|site-[^/]+)/templates($|/|/.*\.(php|html?|tpl|inc))$ { deny all; } # Block access to any PHP files in /site/assets/ location ~ ^/(site|site-[^/]+)/assets($|/|/.*\.php)$ { deny all; } # Block access to any PHP files in core or core module directories location ~ ^/wire/(core|modules)/.*\.(php|inc|tpl|module)$ { deny all; } # Block access to any PHP files in /site/modules/ location ~ ^/(site|site-[^/]+)/modules/.*\.(php|inc|tpl|module)$ { deny all; } # Block access to any software identifying txt files location ~ ^/(COPYRIGHT|INSTALL|README|htaccess)\.(txt|md)$ { deny all; } # Block all http access to the default/uninstalled site-default directory location ~ ^/site-default/ { deny all; } }
      Thank you for any hunch.
    • By Xonox
      I'm trying to upload images from a folder into a page. I need to replace the images instead of adding. The image field already has the replace existing images turned on, but it doesn't seem to be enough.
      My code:
      foreach($files as $file) { if(substr($file, 0, 1) != '.' && $file != '.' && $file != '..') { // Get SKU $file_sku = substr($file, 0, 9); // Check for book $book = $pages->get('sku=' . $file_sku); if(!$book->id) { // Book doesn't exist } else { // Upload image into book !!! THIS CODE ADDS FILE INSTEAD OF REPLACING. HOW CAN I REPLACE? $book->book_images->add($upload_directory . '/' . $file); // Delete file unlink($upload_directory . '/' . $file); } // Save book if($book->id) $book->save(); } }  
      What am I missing?
    • By Guy Incognito
      I'm trying to implement a front-end image upload form for user profile pictures, to a field called 'profile_picture'. The code is based on the various examples found around these forums but isn't yet 100% right.
      The form successfully submits the image to the server and updates the field in the dashboard. When you submit the firm, the page reloads and uploads the image but the template still loads the old image path (now broken path as the old image has been removed).
      I can only get the new image to show if I hit enter in the address bar forcing the page to reload.
      Any ideas? Is it a caching issue, or something to do with the order of the script? It makes no difference if I call the image after the upload form.
      <?php //Display current user image $userImg = $user->profile_picture->first(); echo '<img src="'.$userImg->url.'">'; $upload_path = $config->paths->assets . "files/avatar_uploads/"; $f = new WireUpload('userimage'); $f->setMaxFiles(1); $f->setMaxFileSize(1*1024*1024); $f->setOverwrite(true); $f->setDestinationPath($upload_path); $f->setValidExtensions(array('jpg', 'jpeg', 'png', 'gif')); if($input->post->form_submit) { if(!is_dir($upload_path)) { if(!wireMkdir($upload_path)) throw new WireException("No upload path!"); } $files = $f->execute(); if ($f->getErrors()) { foreach($files as $filename) @unlink($upload_path . $filename); foreach($f->getErrors() as $e) echo $e; } else { $user->of(false); $user->profile_picture->removeAll(); // wirearray (line added by @horst: explanation is three posts beneath) $user->profile_picture = $upload_path . $files[0]; $user->save(); $user->of(true); @unlink($upload_path . $files[0]); } } ?> <form class="forum-form" accept-charset="utf-8" action="./" method="post" enctype="multipart/form-data" > <input type="file" id="attach" name="userimage" accept="image/jpg,image/jpeg,image/gif,image/png" /> <input type="submit" name="form_submit" value="Submit"/> </form>
  • Create New...