Article Submission Issue OJS 3.0.2

Good day Sirs,

I need help with the article submission issue. I was able to do a lot of submissions to our ojs based journal until yesterday when one of the submission got interrupted due to a bad internet and I can’t process another submission. I’m always stuck at adding Meta data stage. I manage to take a screenshot of how it looks like with the chrome debugger console opened. I already searched it through the forum and most of the answer was mod_security issue which I think was not the case since it works perfectly fine just before that incomplete submission where it all got messed up.

;!function(){var t=0,e=function(t,e){return"function"!=typeof t||t.replaced?t:(e.replaced=!0,e)};if(“undefined”!=typeof CustomEvent&&“function”==typeof window.dispatchEvent){var n=function(e){try{if(“object”==typeof e&&(e=JSON.stringify(e)),“string”==typeof e)return window.dispatchEvent(new CustomEvent(“lprequeststart”,{detail:{data:e,requestID:++t}})),t}catch(t){}},o=function(t){try{window.dispatchEvent(new CustomEvent(“lprequestend”,{detail:t}))}catch(t){}};“undefined”!=typeof XMLHttpRequest&&XMLHttpRequest.prototype&&XMLHttpRequest.prototype.send&&(XMLHttpRequest.prototype.send=e(XMLHttpRequest.prototype.send,function(t){return function(e){var u=this,r=n(e);return r&&u.addEventListener(“loadend”,function(){o({requestID:r,statusCode:u.status})}),t.apply(u,arguments)}}(XMLHttpRequest.prototype.send))),“function”==typeof fetch&&(fetch=e(fetch,function(t){return function(e,u){var r=n(u),c=t.apply(this,arguments);if(r){var i=function(t){o({requestID:r,statusCode:t&&t.status})};c.then(i).catch(i)}return c}}(fetch)));var u=function(t){return e(t,function(){try{this.dispatchEvent(new CustomEvent(“lpsubmit”))}catch(t){}return t.apply(this,arguments)})},r=function(){if(document&&document.forms&&document.forms.length>0)for(var t=0;t<document.forms.length;++t)document.forms[t].submit=u(document.forms[t].submit)};document&&“interactive”===document.readyState||“complete”===document.readyState?r():window.addEventListener(“DOMContentLoaded”,r,!0),document.createElement=e(document.createElement,function(t){return function(){var e=t.apply(this,arguments);return e&&“FORM”===e.nodeName&&e.submit&&(e.submit=u(e.submit)),e}}(document.createElement))}}();

Looking forward to your prompt response. Have a great day!

Best Regards,
Roland

Hi @rmrdlojs,

The 403 is almost certainly coming from a mod_security rule. I think the interrupted operation is a red herring. Your mod_security log should be able to confirm.

Regards,
Alec Smecher
Public Knowledge Project Team

Hi Asmecher,

Thanks for the prompt response. I think I fixed it by clearing out the cache in t_compile(idk if that should not be touched). It was working perfectly fine without 403 errors before just when there was an incomplete submission which might cache a bad script. I’ll update this thread when the same error arises again.

Kind Regards,
Roland

Hi @rmrdlojs,

Is it possible that your t_cache permissions are too lax, e.g. 777 or something similar? If so, another piece of software on your system might be modifying them.

Permissions will depend heavily on your server’s setup, so I can’t give specific instructions for what to use, but have a look at the FAQ for a discussion on permissions – and note that 777 permissions are never safe to use.

Regards,
Alec Smecher
Public Knowledge Project Team

Hi Asmecher,

Currently, I have my dir and files set to 755 and 644 respectively. This was made possible by our host. Wayback when I simulated it to a local server OJS just won’t work properly with these set of permission. The public, cache, and files dir needed to be in 777 in order to work but we tried a similar setup to what was mentioned with one of your co-staff and it seems everything is working fine as it is. Except on the email notification though. We still need to configure that functionality maybe we still don’t have SMTP on board but that would be in tackled in another thread.

I learned that 777 is not safe to use in a hard way when a local hacker hacked one of my sites and changed the landing page. Although they claim that they haven’t touched any of our core files and database and they just wanted to show us the vulnerabilities of our site I still wipe-out that site and did a restore on a backup 8 months before the attack.

This may not be related but this is something to look into when hosting online.

Thanks again Alec for filling me in with possibilities which might cause me the issue mentioned in the title of this thread.

Best Regards,
Roland