Removing everything before the ? in the url seems to have solved the issue.

Thanks so much!

Can you try removing everything before the ? in the link?  

Any links that start with ? referrer to the current script so it's an easy way to make sure the http/https, hostname, and URL match up.  

Let me know if you still have an error after that and if so we can try some other options.

Hope that helps!

In the old (and still functioning app), I created an html separator on afield editor like this:

<tr>

<td colspan='2'>

<?php if(@$RECORD){ ?>

<?php

$has_test=false;

$the_tests = mysql_select('tests');

foreach($the_tests as $the_test){

if($the_test['course_number']==$RECORD['num']){

$has_test=true;

break;

}

}

?>

<?php if(!$has_test) { ?>

<p><astyle="color:#000;" href="http://test.nypqcme.org/cmsCSoft/admin.php?menu=tests&action=add&course_number=<?php echo $RECORD['num']?>&course_name=<?php echo $RECORD['title']?>">Create Test for Program</a></p>

<?php } ?>

<?php } ?>

</td>

</tr>

This code checked for the existence of a test for a particular course, and if one was not found, presented a link to the “tests” table for the creation of one.

This link would open a page with a new record in the “tests” table for the admin user to fill in.

I now find that this code no longer works in my new implementation. The link takes the user to the backend login page (even though he is already logged in) ,

And once the user logs in again, the expected error occurs:

Security Error: No _CSRFToken exists in session. Try reloading or going back to previous page.

One never gets to the new record in the “tests” section.

Have you any ideas how I can make this work?

Thanks.