PLEASE NOTE: These forums are no longer utilized and are provided as an archive for informational purposes only. All support issues will be handled via email using our support ticket system. For more detailed information on this change, please see this blog post.

Unable to save/update form

  1. Hi,I have set up a new form, added fields, saved in between; all went perfect. After taking a break trying to edit the form some more, but now when trying to save, nothing happens except the "Saving form. Please wait... " message is shown all the time. This is on WP 2.9.1 on PHP 5.2.10, MySQL 5.0.45, and a fresh install of Gravityforms 1.3.8. I did try with all plugins unabled without succes.

    Posted 12 years ago on Friday January 15, 2010 | Permalink
  2. This is some sort of conflict, either plugin or theme. Contact Us using the Contact Us form on this site and include a WordPress login for this site and we can take a look at it and see what is causing the problem.

    Something in your WordPress setup is preventing the AJAX from saving the form.

    Posted 12 years ago on Friday January 15, 2010 | Permalink
  3. Thx for the quick reply Carl; i'll send you the login stuff. Still, I wonder why I did work in the first place, and stopped working later on.

    Posted 12 years ago on Friday January 15, 2010 | Permalink
  4. Tibor,

    It looks like your environment has some sort of security around receiving requests via POST. It throws a 500 (server error) when the posted content contains the words "select from". I imagine it does that in an attempt to protect you from outsiders trying to access your database. The problem is that the implementation is too strict and blocks harmless strings such as "selecting an apple from the store", or in our case "isSelected: false, from: test@test.com".

    When you click the save form button, an AJAX POST request is made to the admin-ajax.php page. In your environment this request fails when the form meta contains the words "select" and "from".

    This has happened to another user and he was able to talk to his host and fix the issue. This is what he said:
    "They changed something on the mod_security module and it seems to be working great now!"

    Posted 12 years ago on Friday January 15, 2010 | Permalink
  5. I must have missed this one. Look at the docs for mod_security:

    http://www.howtoforge.com/apache_mod_security

    # Very crude filters to prevent SQL injection attacks
        # SecFilter "delete[[:space:]]+from"
        # SecFilter "insert[[:space:]]+into"
        # SecFilter "select.+from"

    VERY crude, to be sure.

    Posted 12 years ago on Saturday June 26, 2010 | Permalink
  6. Thanks for taking the time to post that Chris. The crude/lazy approach for sure.

    Posted 12 years ago on Saturday June 26, 2010 | Permalink