5 Replies Latest reply on Mar 26, 2011 3:59 PM by kglad

    SecurityError: Error #2028:  *** Security Sandbox Violation ***

    pedro123f

      i have this error :

       

      Fonts should be embedded for any text that may be edited at runtime, other than text with the "Use Device Fonts" setting. Use the Text > Font Embedding command to embed fonts.
      Attempting to launch and connect to Player using URL D:\iagora\novoguest\gbook_v5.swf
      [SWF] D:\iagora\novoguest\gbook_v5.swf - 99599 bytes after decompression
      *** Security Sandbox Violation ***
      Connection to http://127.0.0.1/novo_guest/inputGBook.php halted - not permitted from file:///D|/iagora/novoguest/gbook%5Fv5.swf
      -- Untrusted local SWFs may not contact the Internet.
      SecurityError: Error #2028: O arquivo SWF Local-with-filesystem file:///D|/iagora/novoguest/gbook%5Fv5.swf não pode acessar o URL http://127.0.0.1/novo_guest/inputGBook.php.
      at flash.net::URLStream/load()
      at flash.net::URLLoader/load()
      at gbook_v5_fla::Gbook_1/checkForm()[gbook_v5_fla.Gbook_1::frame1:50]
      at gbook_v5_fla::Gbook_1/clickHandler()[gbook_v5_fla.Gbook_1::frame1:5]
      Cannot display source code at this location.

       

       

      this is my code :

      stop();

      gb_btn.addEventListener(MouseEvent.CLICK, openHandler);
      function clickHandler(event:MouseEvent):void {
      checkForm();
      }
      function openHandler(event:MouseEvent):void {
      if (currentLabel=="closed") {
        nextFrame();
      } else if (currentLabel=="open") {
        prevFrame();
      }
      }
      function checkForm():Boolean {
      // ensure that the username_ti field isn't blank.
      if (alias.text.length == 0) {
        // if the username_ti field is empty, display an error message in the status_lbl Label instance.
        aviso.htmlText = "<font color=\"#ff0000\">Insira um Nome.</font>";
        // exit the checkForm function.
        return false;
      }
      // if the password_ti TextInput instance is blank,
      // display an error message in the status_lbl Label instance and exit the checkForm function.
      if (mail.text.length == 0) {
        aviso.htmlText = "<font color=\"#ff0000\">Insira um email válido.</font>";
        return false;
      }
      if (titulo.text.length == 0) {
        aviso.htmlText = "<font color=\"#ff0000\">Insira um titulo.</font>";
        return false;
      }
      if (mensagem.text.length == 0) {
        aviso.htmlText = "<font color=\"#ff0000\">insira uma mensagem.</font>";
        return false;
      }
      var gbookVars:URLVariables = new URLVariables();
      gbookVars.alias = alias.text;
      gbookVars.titulo = titulo.text;
      gbookVars.mail = mail.text;
      gbookVars.mensagem = mensagem.text;

      var gbookRequest:URLRequest = new URLRequest();
      gbookRequest.method = URLRequestMethod.POST;
      gbookRequest.data = gbookVars;
      gbookRequest.url = "http://127.0.0.1/novo_guest/inputGBook.php";

      var gbookLoader:URLLoader = new URLLoader();
      gbookLoader.dataFormat = URLLoaderDataFormat.VARIABLES;
      gbookLoader.addEventListener(Event.COMPLETE, gbCompleteHandler);
      gbookLoader.load(gbookRequest);

      return true;
      }

      function gbCompleteHandler(event:Event):void {
      var variables:URLVariables = event.currentTarget.data as URLVariables;
      // if the server returned the value of isValidLogin with a value of 1...

      if (variables.valid == 1) {
        // set the status_lbl Label to a "success" message.
        // Typically here you'd do a gotoAndPlay or set any local variables
        // related to a successful login.
        aviso.htmlText = "<font color=\"#009900\"><b>Mensagem enviada e a aguardar aprovação.</b></font>";
        // else the login information wasn't valid,
        // therefore display an error message in the status_lbl Label instance.
      } else {
        aviso.htmlText = "<font color=\"#EFDFDC\">Ocorreu um erro no envio da sua mensagem.</font>";
        mail.text="";
        alias.text="";
        mensagem.text="";
        titulo.text="";
      }
      }

       

       

       

      this is my php file

       

       

      <?php include_once("../admin/includes/db_access.php"); ?>
      <?php
      include("../admin/includes/funcs.inc.php");

       

      if (!function_exists("GetSQLValueString")) {
      function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
      {
        $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

        $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

        switch ($theType) {
          case "text":
            $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
            break;   
          case "long":
          case "int":
            $theValue = ($theValue != "") ? intval($theValue) : "NULL";
            break;
          case "double":
            $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
            break;
          case "date":
            $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
            break;
          case "defined":
            $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
            break;
        }
        return $theValue;
      }
      }

      if ($_POST) {

        echo 'valid=1';
             
      insertSQL ="INSERT INTO recolha_gbook (datime, `alias`, titulo, mensagem, mail, del, modif, datem, sys, agent, ip, valido) VALUES (date("Y-m-d H:i:s"),$_POST['alias'],$_POST['titulo'],$_POST['mensagem'],$_POST['mail'],0,1,date("Y-m- d H:i:s"),GetOs(getenv('HTTP_USER_AGENT')),GetBrowser(getenv('HTTP_USER_AGENT')),getenv('RE MOTE_ADDR'),0)",

        mysql_select_db($database_adcms, $adcms);
        $Result1 = mysql_query($insertSQL, $adcms) or die("valid=0");
       
        echo "valid=1";
      }else{
        echo "valid=0";
      }
      ?>