Support

Admin Tools

#29857 SEF plugin & Admin Tools plugin

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by on Sunday, 22 July 2018 17:17 CDT

[email protected]
I (need to) use SEF-friendly URLs & Chronoforms.
Chronoforms Ajax calls are treated as an exeption by Admin Tools (SQLiShield).
When I make a WAF exception to avoid this, this exception does not work.

In your documentation I read that I have to place the SEF plugin before the Admin Tools plugin. If I reorder this (Admin Tools plugin after SEF plugin) and then open the Components > Admin Tools configuration the Admin Tools plugin is placed before the SEF plugin again (in fact Admin Tools always becomes the first plugin all the time).

So I can't find a way to place the SEF plugin before the Admin Tools plugin. It seems that your software places it back at the first position all the time.

tampe125
Akeeba Staff
Hello,

you can disable Admin Tools "auto ordering" feature inside Component Options.
In that way you can manually set the order of the system plugin.

Davide Tampellini

Developer and Support Staff

๐Ÿ‡ฎ๐Ÿ‡นItalian: native ๐Ÿ‡ฌ๐Ÿ‡งEnglish: good โ€ข ๐Ÿ• My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

[email protected]
Ah, thanks. Would advise to put this in the helppage about ordering the SEF and Admin Tools plugin.

tampe125
Akeeba Staff
You're welcome!

Davide Tampellini

Developer and Support Staff

๐Ÿ‡ฎ๐Ÿ‡นItalian: native ๐Ÿ‡ฌ๐Ÿ‡งEnglish: good โ€ข ๐Ÿ• My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

[email protected]
I am afraid it is still not working. The order of the plugins is:
- System - SEF
- System - Admin Tools

SQLiSchield protection is on. I want to make an exception for Ajax calls from Chronoforms forms. These forms make calls like:

.../index.php?option=com_chronoforms&chronoform=testform&event=Ajax&format=raw


When I try an exception rule with (only) the Query parameter "event" these Ajax calls from Chronoforms should not be treated as SQLi attack anymore, but they still are.

Regards.

nicholas
Akeeba Staff
Manager
The problem is that ChronoForm is not using the view and task parameters Joomla expects. It uses its own parameter called event. This means that you can only add an exception for the entire component, not just the form submission part of it.

You can do that by adding a new exception where option is set to com_chronoforms and leave all other parameters blank.

Nicholas K. Dionysopoulos

Lead Developer and Director

๐Ÿ‡ฌ๐Ÿ‡ทGreek: native ๐Ÿ‡ฌ๐Ÿ‡งEnglish: excellent ๐Ÿ‡ซ๐Ÿ‡ทFrench: basic โ€ข ๐Ÿ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!