Cannot login (No _CSRFToken exists in session)

11 posts by 4 authors in: Forums > CMS Builder
Last Post: June 30, 2015   (RSS)

By ht1080z - March 3, 2015 - edited: March 3, 2015

Hi,

I just finished a new 2.64 final release setup and everything worked fine. After i tried to login from another computer i get Security Error: No _CSRFToken exists in session. Try reloading previous page.

I searched the forum for other related posts but no solution from these applied well for me.

PS1: from Chrome (latest) i can login but from firefox 36 the problem remain (after a full cleanup) the same...

PS2: in the Firefox there is no new cookie creation in the specific website. Every other cmsb works great...

Please advise,
Karls

By Daryl - March 5, 2015

Hi Karls,

Please check out this thread about "Security Error: No _CSRFToken exists in session. Try reloading previous page." issue.

https://www.interactivetools.com/forum/forum-posts.php?postNum=2235000#post2235000

Please let me know if the solution from that thread resolves the issue you were having.

Thanks,

Daryl Maximo
PHP Programmer - interactivetools.com

By ht1080z - March 5, 2015 - edited: March 5, 2015

Hi Daryl,

Nothing worked from the suggested post. The problem is remain from Firefox that i use as developing browser. Chrome is working...

I downgraded the cmsb to 2.63 but the problem is the same...

Karls

By ht1080z - March 6, 2015

Hi Daryl,

Thanks for your follow up.
I continued to searched about the problem and moved to downgrade on more version down (2.53) and the error message disappeared but still not able to log in.

Finally i "refreshed" (factory cleanup) my Firefox from troubleshooting and my problem resolved.
It was definitely something in the browser only.

Thanks again,
Karls

By Dave - March 8, 2015

Hi Karls,

If you'd like I can upgrade the CMS for you and test and resolve any issues.  Just email me CMS and FTP login details to dave@interactivetools.com (don't post login details to the forum).

My guesses as to the cause are perhaps that a file didn't get uploaded during the upgrade (happens with FTP servers/clients occasionally) or there's a plugin that is interfering with the login process.  But I'm really not sure, we'd have to investigate.

Let me know, thanks!.

Dave Edis - Senior Developer
interactivetools.com

By Djulia - June 25, 2015

Hi Dave,

I have again this problem (error) intermittently (Firefox and Chrome).
Do you have an idea which can direct me towards a solution?

I deactivated the Check Referer option.
Do you think that can help to correct?

Thanks!

Djulia

By Djulia - June 27, 2015 - edited: June 27, 2015

Hi Dave,

The problem occurs mainly when a record is saved.
But, it is always very random

I have just applied this solution:

update /lib/database_functions.php and replace all instances of this:

session_write_close()

with this:

#session_write_close()

http://www.interactivetools.com/forum/forum-posts.php?postNum=2235780#post2235780

Thanks!

Djulia

By Djulia - June 27, 2015

I use this on record_presave :

function _antiFlood($tableName, $isNewRecord, $oldRecord) {
    if(@$_SESSION['last_session_request'] > time() - 1) {
        die('Thanks to wait a second!');
    }
    $_SESSION['last_session_request'] = time();
}

Do you think that can interfere?

Thanks!

Djulia

By Djulia - June 27, 2015 - edited: June 29, 2015

Oops, I make an error on the post.

The error message is: "Security Error: Invalid _CSRFToken."

No : Cannot login (No _CSRFToken...

Sorry!