Code causes “403 FORBIDDEN” error when saved

  • Hi there,
    When I try to create a new snippet, I get a “403 forbidden” error if I Save or Save+Activate.
    Specifically, the second last line (return $output…) seems to be the culprit. I entered the code line-by-line (always with the closing } bracket) and it saves fine until I get to that second last line.

    add_filter( ‘sliced_get_invoice_description’, ‘si20220927_do_something_with_the_description’, 10, 2 );
function si20220927_do_something_with_the_description( $output, $id ) {
if ( !str_contains( $output, “[” )) return $output;
preg_match( “/\[([^\]]*)\]/”, $output, $matches );
$eval_inside = str_replace( ‘total’, sliced_get_invoice_total_raw(), $matches[0] );
$eval_inside = strtr( $eval_inside, array( ‘[‘ => ”, ‘]’ => ” ) );
$eval_inside = eval( “return ” . $eval_inside . “;” );
return $output = preg_replace( “/\[([^\]]*)\]/”, $eval_inside, $output );
}

    I didn’t write the code, it was written by a developer as a solution to a feature suggestion I had. They sent a screenshot showing it working on their installation, so I’m afraid it might be due to Code Snippets.

    It is specifically the preg_replace( “/\[([^\]]*)\]/”, part, since I can save with return $output = $eval_inside, $output );

    Interestingly, if I comment out that second last line (//return $output…), it still causes the 403 error.

    Anyone have any idea what might be wrong?

    Thanks in advance,
    Dax Liniere.

    • This topic was modified 2 years, 5 months ago by Dax Liniere.
Viewing 1 replies (of 1 total)
  • Plugin Author Shea Bunge

    (@bungeshea)

    Hi Dax,

    Would it be possible to give this slightly modified code a try and see whether it’s still causing the same error?

    There were some weird lines in the original version that might have been causing issues, but I can’t be 100% sure.

    add_filter( 'sliced_get_invoice_description', function ( $output ) {
	if ( ! str_contains( $output, '[' ) ) {
		return $output;
	}

	preg_match( '/\[([^]]*)]/', $output, $matches );
	
	$eval_inside = str_replace( 'total', sliced_get_invoice_total_raw(), $matches[0] );
	$eval_inside = strtr( $eval_inside, array( '[' => ", ']' => " ) );
	$eval_inside = eval( sprintf( 'return %s;', $eval_inside ) );

	return preg_replace( '/\[([^]]*)]/', $eval_inside, $output );
}, 10, 2 );
Viewing 1 replies (of 1 total)
  • The topic ‘Code causes “403 FORBIDDEN” error when saved’ is closed to new replies.