Hidden Data Attributes for Express

Advanced Search

You do not have access to submit this form

Permalink Browser Info Environment
I'm not sure if this problem was ever previously tested with a non-admin login. The form works fine when an administrator is logged in but when a regular user, who has logged in successfully, submits this form, which included hidden fields, they are presented with the following error at the top of the form.

"You do not have access to submit this form"

We have done several CMS upgrades and PHP and MySQL to MariaDB upgrades prior to my finding this error.
Type: Ticket
Status: Resolved
jfhencken
View Replies:
mnakalay replied on at Permalink Reply
mnakalay
Hello,

this is most likely an issue with your form settings not with the hidden attribute. I saw that happen before when the form was set to save the submitted data to a folder that didn't have the proper permission.

You should try removing the hidden attribute to see if you still have the same issue or not.
jfhencken replied on at Permalink Reply
jfhencken
Thank you for your suggestions on where to look.

Express | Edit Entity | Results Folder Location was set to "Entries" and not to the sub-folder "Forms". When I changed it to "Forms" the permission error disappeared. I'm fairly sure I never changed the default setting from when I first created this form around v8.4 and I am now at v8.5.7

Can you tell me where the Entries and Forms folders are physically located? And do I have access within the Dashboard to edit folders or create other folders?
mnakalay replied on at Permalink Reply
mnakalay
You have to go to
/dashboard/system/express/entries

if you check the permissions on each folder, you'll see that the "entries" folder can only be added to by administrators while the other ones can be added to by guests

concrete5 Environment Information

# concrete5 Version
Core Version - 8.5.6
Version Installed - 8.5.6
Database Version - 20210622145600

# Database Information
Version: 10.3.34-MariaDB
SQL Mode: STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION

# concrete5 Packages
Background Image and Overlay (0.9.9), Customize Editing Interface (1.0.1), Cycle2 Slide Show (1.0.2), Dex Superfish (2.1.0), Extreme Clean (7.2.0), Free Google Maps (1.0.0), Hidden Data Attributes for Express (1.0.2), Honest Websites Back To Top (1.1.0), HTML+PHP Code Block (1.0.2), HTML5 Audio Player Basic (2.0.7), Login/Logout Link (1.0), Login Page Background (0.9.1), Magic Tabs (7.2.8), Optimize Database Tables (1.0.0), PDF Viewer (1.0.1), Simple Audio Player (0.9.2), Vimeo Video (1.0.2), WNCTG PDF Viewer (0.9)

# concrete5 Overrides
blocks/form/view.php, blocks/form/controller.php, blocks/form, blocks/fc_file_block_button_maker/view.php, blocks/fc_file_block_button_maker/add.php, blocks/fc_file_block_button_maker/icon.png, blocks/fc_file_block_button_maker/edit.php, blocks/fc_file_block_button_maker/db.xml, blocks/fc_file_block_button_maker/controller.php, blocks/fc_file_block_button_maker/form.php, blocks/fc_file_block_button_maker, blocks/fc_trigger_magic_tab/view.php, blocks/fc_trigger_magic_tab/add.php, blocks/fc_trigger_magic_tab/icon.png, blocks/fc_trigger_magic_tab/edit.php, blocks/fc_trigger_magic_tab/db.xml, blocks/fc_trigger_magic_tab/controller.php, blocks/fc_trigger_magic_tab/form.php, blocks/fc_trigger_magic_tab, blocks/fc_relationships_tab/view.php, blocks/fc_relationships_tab/add.php, blocks/fc_relationships_tab/icon.png, blocks/fc_relationships_tab/edit.php, blocks/fc_relationships_tab/db.xml, blocks/fc_relationships_tab/controller.php, blocks/fc_relationships_tab/form.php, blocks/fc_relationships_tab, blocks/fc_relationships_tab_v1.0.1.zip, blocks/fc_welcome_info/view.php, blocks/fc_welcome_info/add.php, blocks/fc_welcome_info/icon.png, blocks/fc_welcome_info/edit.php, blocks/fc_welcome_info/db.xml, blocks/fc_welcome_info/controller.php, blocks/fc_welcome_info/form.php, blocks/fc_welcome_info, blocks/fc_vimeo_player/view.php, blocks/fc_vimeo_player/vimeo/player.js, blocks/fc_vimeo_player/vimeo/player.js.map, blocks/fc_vimeo_player/vimeo, blocks/fc_vimeo_player/add.php, blocks/fc_vimeo_player/icon.png, blocks/fc_vimeo_player/edit.php, blocks/fc_vimeo_player/db.xml, blocks/fc_vimeo_player/controller.php, blocks/fc_vimeo_player/form.php, blocks/fc_vimeo_player, blocks/fc_load_cognito_pft_form/view.php, blocks/fc_load_cognito_pft_form/add.php, blocks/fc_load_cognito_pft_form/icon.png, blocks/fc_load_cognito_pft_form/edit.php, blocks/fc_load_cognito_pft_form/db.xml, blocks/fc_load_cognito_pft_form/controller.php, blocks/fc_load_cognito_pft_form/form.php, blocks/fc_load_cognito_pft_form, blocks/fc_help_me_form/view.php, blocks/fc_help_me_form/add.php, blocks/fc_help_me_form/icon.png, blocks/fc_help_me_form/edit.php, blocks/fc_help_me_form/db.xml, blocks/fc_help_me_form/controller.php, blocks/fc_help_me_form/form.php, blocks/fc_help_me_form, blocks/phpcodeblock/TEMP_form_setup_html.php, blocks/phpcodeblock/TEMP_controller.php, blocks/phpcodeblock, controllers/place_holder.txt, elements/footer_required.php, attributes/place_holder.txt, authentication/place_holder.txt, jobs/CronJobUpdateAllMembersLeaderGroupAssignments.php, jobs/CronJobUpdateUsersVimeoStatsVimeoCum.php, jobs/CronJobUpdateAllMembersMasterAndHomeLabelHubIDs.php, jobs/CronJobExpressHelpMeProcessing.php, jobs/CronJobAssignAllUsersToCorrectCourseGroups.php, jobs/CronJobUpdateAllDataObjectNameAndIdAttributes.php, jobs/CronJobExpressRegistrationProcessing.php, mail/place_holder.txt, single_pages/place_holder.txt, themes/clonelemental/left_sidebar_ORIG.php, themes/clonelemental/view.php, themes/clonelemental/elements/footer.php, themes/clonelemental/elements/footer_bottom.php, themes/clonelemental/elements/header.php, themes/clonelemental/elements/header_ORIG.php, themes/clonelemental/elements/header_top.php, themes/clonelemental/elements, themes/clonelemental/left_sidebar.php, themes/clonelemental/thumbnail.png, themes/clonelemental/right_sidebar.php, themes/clonelemental/full.php, themes/clonelemental/default_ORIG.php, themes/clonelemental/page_forbidden.php, themes/clonelemental/default.php, themes/clonelemental/page_theme.php, themes/clonelemental/blank.php, themes/clonelemental/css/styles.xml, themes/clonelemental/css/presets/blue-sky.less, themes/clonelemental/css/presets/royal.less, themes/clonelemental/css/presets/defaults.less, themes/clonelemental/css/presets/night-road.less, themes/clonelemental/css/presets, themes/clonelemental/css/bootstrap-modified.css, themes/clonelemental/css/build/bootstrap-3.2.0/dropdowns.less, themes/clonelemental/css/build/bootstrap-3.2.0/list-group.less, themes/clonelemental/css/build/bootstrap-3.2.0/forms.less, themes/clonelemental/css/build/bootstrap-3.2.0/popovers.less, themes/clonelemental/css/build/bootstrap-3.2.0/navbar.less, themes/clonelemental/css/build/bootstrap-3.2.0/button-groups.less, themes/clonelemental/css/build/bootstrap-3.2.0/media.less, themes/clonelemental/css/build/bootstrap-3.2.0/grid.less, themes/clonelemental/css/build/bootstrap-3.2.0/component-animations.less, themes/clonelemental/css/build/bootstrap-3.2.0/responsive-embed.less, themes/clonelemental/css/build/bootstrap-3.2.0/tables.less, themes/clonelemental/css/build/bootstrap-3.2.0/badges.less, themes/clonelemental/css/build/bootstrap-3.2.0/pagination.less, themes/clonelemental/css/build/bootstrap-3.2.0/responsive-utilities.less, themes/clonelemental/css/build/bootstrap-3.2.0/glyphicons.less, themes/clonelemental/css/build/bootstrap-3.2.0/close.less, themes/clonelemental/css/build/bootstrap-3.2.0/labels.less, themes/clonelemental/css/build/bootstrap-3.2.0/breadcrumbs.less, themes/clonelemental/css/build/bootstrap-3.2.0/navs.less, themes/clonelemental/css/build/bootstrap-3.2.0/bootstrap.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/list-group.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/clearfix.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/forms.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/grid.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/border-radius.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/vendor-prefixes.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/grid-framework.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/pagination.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/tab-focus.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/table-row.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/labels.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/opacity.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/buttons.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/center-block.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/reset-filter.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/responsive-visibility.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/size.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/hide-text.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/text-overflow.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/resize.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/panels.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/text-emphasis.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/nav-vertical-align.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/progress-bar.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/nav-divider.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/background-variant.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/image.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/alerts.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins/gradients.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins, themes/clonelemental/css/build/bootstrap-3.2.0/buttons.less, themes/clonelemental/css/build/bootstrap-3.2.0/normalize.less, themes/clonelemental/css/build/bootstrap-3.2.0/modals.less, themes/clonelemental/css/build/bootstrap-3.2.0/thumbnails.less, themes/clonelemental/css/build/bootstrap-3.2.0/theme.less, themes/clonelemental/css/build/bootstrap-3.2.0/utilities.less, themes/clonelemental/css/build/bootstrap-3.2.0/input-groups.less, themes/clonelemental/css/build/bootstrap-3.2.0/pager.less, themes/clonelemental/css/build/bootstrap-3.2.0/scaffolding.less, themes/clonelemental/css/build/bootstrap-3.2.0/wells.less, themes/clonelemental/css/build/bootstrap-3.2.0/panels.less, themes/clonelemental/css/build/bootstrap-3.2.0/variables.less, themes/clonelemental/css/build/bootstrap-3.2.0/jumbotron.less, themes/clonelemental/css/build/bootstrap-3.2.0/code.less, themes/clonelemental/css/build/bootstrap-3.2.0/progress-bars.less, themes/clonelemental/css/build/bootstrap-3.2.0/type.less, themes/clonelemental/css/build/bootstrap-3.2.0/carousel.less, themes/clonelemental/css/build/bootstrap-3.2.0/mixins.less, themes/clonelemental/css/build/bootstrap-3.2.0/alerts.less, themes/clonelemental/css/build/bootstrap-3.2.0/print.less, themes/clonelemental/css/build/bootstrap-3.2.0/tooltip.less, themes/clonelemental/css/build/bootstrap-3.2.0, themes/clonelemental/css/build/errors.less, themes/clonelemental/css/build/body.less, themes/clonelemental/css/build/breadcrumb.less, themes/clonelemental/css/build/search.less, themes/clonelemental/css/build/pagination.less, themes/clonelemental/css/build/captcha.less, themes/clonelemental/css/build/mobile/navigation.less, themes/clonelemental/css/build/mobile, themes/clonelemental/css/build/header.less, themes/clonelemental/css/build/reset.less, themes/clonelemental/css/build/custom-design-classes/area-content-accent.less, themes/clonelemental/css/build/custom-design-classes/testimonial-bio.less, themes/clonelemental/css/build/custom-design-classes/recent-blog-entry.less, themes/clonelemental/css/build/custom-design-classes/block-sidebar-padded.less, themes/clonelemental/css/build/custom-design-classes/blog-entry-list.less, themes/clonelemental/css/build/custom-design-classes/block-sidebar-wrapped.less, themes/clonelemental/css/build/custom-design-classes, themes/clonelemental/css/build/blocks/page-list-template-thumbnail-grid.less, themes/clonelemental/css/build/blocks/topic-list.less, themes/clonelemental/css/build/blocks/faq.less, themes/clonelemental/css/build/blocks/page-title-option-byline.less, themes/clonelemental/css/build/blocks/feature.less, themes/clonelemental/css/build/blocks/page-list-option-buttons.less, themes/clonelemental/css/build/blocks/date-navigation.less, themes/clonelemental/css/build/blocks/tags.less, themes/clonelemental/css/build/blocks/feature-template-hover-description.less, themes/clonelemental/css/build/blocks/page-list.less, themes/clonelemental/css/build/blocks/next-previous.less, themes/clonelemental/css/build/blocks/image-slider.less, themes/clonelemental/css/build/blocks/image.less, themes/clonelemental/css/build/blocks/testimonial.less, themes/clonelemental/css/build/blocks/page-title.less, themes/clonelemental/css/build/blocks/page-attribute-display.less, themes/clonelemental/css/build/blocks, themes/clonelemental/css/build/buttons.less, themes/clonelemental/css/build/add-ons/calendar.less, themes/clonelemental/css/build/add-ons, themes/clonelemental/css/build/content.less, themes/clonelemental/css/build/footer.less, themes/clonelemental/css/build/mixins.less, themes/clonelemental/css/build/fonts/blue-sky.less, themes/clonelemental/css/build/fonts/royal.less, themes/clonelemental/css/build/fonts/defaults.less, themes/clonelemental/css/build/fonts/night-road.less, themes/clonelemental/css/build/fonts, themes/clonelemental/css/build/miscellaneous-styles.less, themes/clonelemental/css/build, themes/clonelemental/css/main.less, themes/clonelemental/css, themes/clonelemental/right_sidebar_ORIG.php, themes/clonelemental/images/background.png, themes/clonelemental/images/background-slider-night-road.png, themes/clonelemental/images/background-slider-blue-sky.png, themes/clonelemental/images/background-slider-royal.png, themes/clonelemental/images/background-slider-default.png, themes/clonelemental/images, themes/clonelemental/page_not_found.php, themes/clonelemental, tools/place_holder.txt, page_templates/place_holder.txt, views/place_holder.txt, src/FreedomCourses/Controller/CognitoFCController.php, src/FreedomCourses/Controller/BulkMailController.php, src/FreedomCourses/Controller/VimeoFCController.php, src/FreedomCourses/Controller/DataTablesFCController.php, src/FreedomCourses/Controller/FunctionsFC.php, src/FreedomCourses/Controller/StripeFCController.php, src/FreedomCourses/Controller, src/FreedomCourses

# concrete5 Cache Settings
Block Cache - Off
Overrides Cache - Off
Full Page Caching - Off
Full Page Cache Lifetime - Every 6 hours (default setting).

# Server Software
Apache

# Server API
fpm-fcgi

# PHP Version
7.4.28

# PHP Extensions
bcmath, calendar, cgi-fcgi, Core, ctype, curl, date, dba, dom, enchant, exif, fileinfo, filter, ftp, gd, gettext, gmp, hash, iconv, intl, ionCube Loader, json, ldap, libxml, mbstring, mysqli, mysqlnd, openssl, pcntl, pcre, PDO, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, Phar, posix, pspell, Reflection, session, shmop, SimpleXML, snmp, soap, sockets, SPL, sqlite3, standard, sysvmsg, sysvsem, sysvshm, tokenizer, xml, xmlreader, xmlrpc, xmlwriter, xsl, Zend OPcache, zip, zlib

# PHP Settings
max_execution_time - 120
log_errors_max_len - 1024
max_file_uploads - 20
max_input_nesting_level - 64
max_input_time - 60
max_input_vars - 1000
memory_limit - 128M
post_max_size - 8M
upload_max_filesize - 30M
ic24.api.max_timeout - 7
ldap.max_links - Unlimited
mbstring.regex_retry_limit - 1000000
mbstring.regex_stack_limit - 100000
mysqli.max_links - Unlimited
mysqli.max_persistent - Unlimited
pcre.backtrack_limit - 1000000
pcre.recursion_limit - 100000
pgsql.max_links - Unlimited
pgsql.max_persistent - Unlimited
session.cache_limiter - <i>no value</i>
session.gc_maxlifetime - 7200
soap.wsdl_cache_limit - 5
unserialize_max_depth - 4096
opcache.max_accelerated_files - 4000
opcache.max_file_size - 0
opcache.max_wasted_percentage - 5

Browser User-Agent String

Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0 Waterfox/91.7.0

Hide Post Content

This will replace the post content with the message: "Content has been removed by an Administrator"

Hide Content

Request Refund

You may not request a refund that is not currently owned by you.