Invalid CSRF token ???

[garciademarina]

Hi,

If nothing goes wrong, today osclass 3.1.1 will be released and fix the problems you have.

Regards

[zgromadzenie]

Hi,

After sleepless night with osclass upgraded to 3.1 I still have two problems:
- Error 500 after posting a new ad. Captcha is already disabled, the ads are being published, but when there's a redirection to /index.php the browser displays error 500 (Chrome) or blank page (Firefox). Refreshing the site on Chrome makes things back to normal, refreshing on Firefox gives Invalid CSRF message.
- The emails are not being sent. I'm using Gmail settings and tried all possible configurations. Still nothing.

Of course I applied all suggested changes. Here's the log:

Code: [Select]

[Thu Mar 21 02:21:49 2013] [error] [client 120.28.144.67] PHP Fatal error:  Call to undefined method POP3::Authorise() in /opt/bitnami/apps/osclass/htdocs/oc-includes/osclass/utils.php on line 301, referer: http://website.com/category/subcategory/item_848
[Thu Mar 21 02:22:18 2013] [error] [client 66.249.74.72] PHP Notice:  Undefined index: pk_i_id in /opt/bitnami/apps/osclass/htdocs/oc-includes/osclass/model/Category.php on line 490


[JOHNP]

Hi Carlos,

Just wanted to let you know that the new Osclass version 3.1.1 seems to have fixed my Recaptcha issue.

Thanks,

John

[wveinti]

Hi

Is there anyway to add this validation to the USA theme?

thanks

Hi @kcguy,

We add a double submit prevention with javascript, has been added to modern theme.

You can see the changes here:

https://github.com/osclass/Osclass/commit/2992eaaacc02ebe4644af0ac5de162d3e20b9345
https://github.com/osclass/Osclass/commit/9529a85e3ea7d207a4a34b27301c14071f562cc2

[tbare]

for the record - I have a clean 3.1.1 dev install without recaptcha loaded, (only paypal plus and promo codes loaded) and I still get the error on iPad -- did the Modern them double submit "fix" get added in this release?

[kalid]

hi osclass team.
thanks for wonderful easy to use classified application, i really like it.

I successfully installing osclass 3.1.1on my hosting site, However ever for stranger reason i am getting Invalid CSRF tocken when posting or going to admin or registering new account ONLY on IE and firefox.  Good Chrome works as expected.

I am wondering what config file i need to change or setup to fix the issue. myself is www.minaleshtera.com

Thanks

[onaldo]

Sometimes, my site is getting this Invalid CSRF token error when a user logs in. In other times, it does not. I really can't figure our where is the problem.

[_CONEJO]

Could you provide a little more information?


Version of Osclass:
Browser & version:
A more detailed description of the error (when, where it happens, what were you trying to accomplish,..):

Thanks

[onaldo]

Version Osclass 3.1.1
on Google Chrome up-to-date browser
It happened yesterday, when a user is trying to log-in. After a few tries, the error is gone.

Btw, it happened before. Then I added session_save_path ( ABS_PATH . 'oc-content/uploads/' ); in config file. Then the error was gone. Then it came back yesterday after added the plugin related ads. I tried today, no more error but one of the user reported that he encountered such error.

Could you provide a little more information?


Version of Osclass:
Browser & version:
A more detailed description of the error (when, where it happens, what were you trying to accomplish,..):

Thanks

[searchweb]

Same here, I'm doing manual update after automatic update loading too long and without end. After manual update, i can't reach the admin panel(white blank page) and when members login, it's get invalid csrf token.

I have add session_save_path ( ABS_PATH . 'oc-content/uploads/' ); in config file but it's still showing same error. I need suggestion and solution as my osclass have modified and installed alot of addons.

[markgkmn]

When i wrote my domain name in google it not showing www.and when not showing www than i cannot login in it shows invalid csfr token ,again when i wrote www.mydomain.com it worked,when is domain without www its no working,I figured it out.Is it happening to you also that you enter your domain in google shows no www and than shows invalid cfr token or what

[janaka]

i also getting invalid CSRF Token error when image regenerate. i''m using osc 3.1.1

[Aficionado]

Sometimes, my site is getting this Invalid CSRF token error when a user logs in. In other times, it does not. I really can't figure our where is the problem.

Same for me. Exactly what you describe.

[Aficionado]

I'm using 3.1.1 and one easy way to make this happen with Firefox 20x browser is to (try to) login using a non existent user and password.

 

[onaldo]

I just found out that when my address has www before the domain, invalid CSRF token occurs. I added a code to my .htaccess to force a www on my domain.