vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   "Your submission could not be processed because a security token was missing." (https://vborg.vbsupport.ru/showthread.php?t=190839)

NOCR 09-13-2008 07:32 PM
"Your submission could not be processed because a security token was missing."
 
I first got this error when I tried to change my timezone.
Now it says it every time when I go /usercp.php (it redirects me to profile.php?do=dst and says:
Quote:
"Your submission could not be processed because a security token was missing.

If this occurred unexpectedly, please inform the administrator and describe the action you performed before you received this error."
!

It took an extremely long time to configure the settings and style template. (I know, you've heard it before and don't care) but I would really appreciate a logical answer rather than "reinstall and re upload all files". I'd rather just replace the one causing the problem.

That said, what is the corrupt file that would cause usercp.php to redirect to profile.php?do=dst?



vB 3.7.3
some mods (All disabled)
style: Transparancity (modified)

Opserty 09-13-2008 10:03 PM
Create a New Style with No Parent Style. Browse the affected pages using this style, does your issue persist?

Angel-Wings 09-14-2008 02:36 AM
That's a style based error and it can be fixed within some minutes :)

Open in your AdminCP the "Styles & Templates" and search for "profile.php" in the Default Template - looks like:

Quote:
<!-- auto DST correction code -->
<form action="profile.php?do=dst" method="post" name="dstform">
<input type="hidden" name="s" value="$session[sessionhash]" />
<input type="hidden" name="securitytoken" value="$bbuserinfo[securitytoken]" />
<input type="hidden" name="do" value="dst" />
</form>
Then copy & paste this and replace it in the same Template in the Style causing the problem. :)

The "footer" templates usually cause this problem so it should be there. And - usually - the important line.

Quote:
<input type="hidden" name="securitytoken" value="$bbuserinfo[securitytoken]" />
is missing so the redirection creates an error message.

angelpie 03-10-2009 02:50 AM
what if your default is the one doing it?

dodyryda1 04-15-2009 09:08 AM
cheers. solved my sketch out!:D

mmurtha 04-24-2009 01:50 AM
Okay, I searched for the profile.php file, and nothing came up in the styles and templates search.

Can someone please give me the correct path to this file so I can edit it using an FTP client?

I do have that code in the footer of both the default and other theme though, but am still having the security token issue.

I've reuploaded all files a few times and it still does not fix it.

This is an issue in the VB software, so why doesn't anyone seem to have a fix for it? Or why hasn't this been fixed in the latest version?

I also noticed that most of the complaints come from FireFox users.

Thanks, and I'd appreciate it if someone can help.

Biker_GA 04-24-2009 01:55 AM
This isn't an issue with vBulletin. Usually, it's an issue with the custom style you've installed. Have you installed a custom style?

mmurtha 04-24-2009 02:18 AM
Yes, I have a custom styles installed, but it was updated for VB 3.7.1.

I checked the footer file of it, and it has the code above.

I also have all MOds turned off too for a few days now so I could track the problem to see if it is still happening.

Btw, do you know the path for the profile.php? I looked in every location I could thing of, and could not find it. The closest file I found that related to the profil file is the editprofile file, and that isn't it.

Thanks for responding too.

Biker_GA 04-24-2009 02:25 AM
profile.php is in the root installation directory of your vBulletin installation.

Dan Clement 05-04-2009 11:46 AM
Hi folks,

I was having the same error but I seem to have been able to resolve it. I'll run you through what I did in the hopes it'll sort you out too.

In the Admin CP, drop down Styles & Templates, then go to Style Manager. Find the skin you're having trouble with and go to Edit Templates. Find your 'footer' template and find the following snippet of code:

Code:
<!-- auto DST correction code -->
<form action="profile.php?do=dst" method="post" name="dstform">
<input type="hidden" name="s" value="$session[sessionhash]" />
</form>
From what I can make out, the error arises because the lines that calls upon the user's security token are omitted leading vB to think that the user doesn't have one. You need to add in a couple of lines to make vB call the security token. To do this, replace the code above with this:

Code:
<!-- auto DST correction code -->
<form action="profile.php?do=dst" method="post" name="dstform">
<input type="hidden" name="s" value="$session[sessionhash]" />
<input type="hidden" name="securitytoken" value="$bbuserinfo[securitytoken]" />
<input type="hidden" name="do" value="dst" />
</form>
Save your changes and try accessing your User CP again. Should have fixed you right up. If not, give me a shout.

Just to re-iterate, you should not have to edit profile.php at all to fix this error and in trying to do so you're probably more likely to break something!

mmurtha 05-04-2009 03:26 PM
Hi Dan,

I am using VB 3.7.4 patch level 1 still and I did edit the footer template and put that code in, in the theme that is giving me the trouble a while ago, and just checked it again to revarify. But this correction did not solve the problem.

Here is the code that is in the template:
Quote:
<if condition="$show['dst_correction']">
<!-- auto DST correction code -->
<form action="profile.php?do=dst" method="post" name="dstform">
<input type="hidden" name="s" value="$session[sessionhash]" />
<input type="hidden" name="securitytoken" value="$bbuserinfo[securitytoken]" />
<input type="hidden" name="do" value="dst" />
</form>

<script type="text/javascript">
<!--
var tzOffset = $bbuserinfo[timezoneoffset] + $bbuserinfo[dstonoff];
var utcOffset = new Date().getTimezoneOffset() / 60;
if (Math.abs(tzOffset + utcOffset) == 1)
{ // Dst offset is 1 so its changed
document.forms.dstform.submit();
}
//-->

</script>
<!-- / auto DST correction code -->

</if>
I really need to get this problem resolved. Customers are complaining about it, and people are leaving the forum because they don't want to deal with this problem.

Can you suggest anything else?

Thanks ...

Lynne 05-04-2009 03:41 PM
mmurtha, are you getting this error on all pages or on specific pages or what?

KevinL 05-04-2009 03:50 PM
This is going to sound strange but do you have your usercp rewritten to something or something funky going on? You have every other page rewritten with vbseo to something else like member/list/ then you have the profile.php I'm just wondering if there is some conflict going on?

It seems to only happen on his usercp page.

mmurtha 05-04-2009 04:01 PM
Quote:
Originally Posted by Lynne (Post 1804411)
mmurtha, are you getting this error on all pages or on specific pages or what?
Hey Lynne,

It's mainly happening when other users try to navigate with the user cp.


Kevin,
Quote:
This is going to sound strange but do you have your usercp rewritten to something or something funky going on?
No, not that I know of. I know I didn't rewrite it to anything.

I'm not sure what you mean by -
Quote:
You have every other page rewritten with vbseo to something else like member/list/ then you have the profile.php I'm just wondering if there is some conflict going on?
Can you explain it a little more?

Or are you talking about the VbSEO mod creating the trouble by rewriting the pages?

Thanks guys ...

Lynne 05-04-2009 04:05 PM
Do you have a test login? And I only see one style on your site - is there another style that is working fine?

mmurtha 05-04-2009 04:13 PM
Lynne, try this dummy account:

Edited out for safty

And no, I disabled the default theme, so users can only use the custom theme.

Btw Kevin just created a new account, and I saw where he got the cookie error too when he tried going to the user cp.

It may be that he is using FF, and not IE. Most of the complaints that I get are from FF users.

Lynne 05-04-2009 04:29 PM
I logged on with that account... did you know that that user doesn't have permission to see the home page which is the page you are redirected to when you log in? http://marketersspaceforum.com/index.php So, you login and immediately get a No Permission error.

I clicked all around in the User CP and tried changing settings (don't worry, I set them back) and didn't get any error. So, is this an error that is only present for new registered users? (I am using FF.)

mmurtha 05-04-2009 04:38 PM
Lynne,

No, I have the permissions on for all guests and users.

I know I just tried logging in with that account using FF too, and I got that error message. The page was redirected to:

.../forum/profile.php?do=dst

And no, new and old users using FF get this message.

Do you think you can find the problem if I let you in the admin cp?

I'd be willing to pay you something for the fix if you can. This one's been driving me, and everyone else on the forum craxy for the past month or so.

Lynne 05-04-2009 04:42 PM
I am not getting a security token error when I log in. I am redirected to this page - http://marketersspaceforum.com/ - and told I have no permission. That is different than the security token error. I can try to click on the Home link, and I get the no permission error. This sounds like a problem with your vbadvanced (which I have no experience with).

mmurtha 05-04-2009 04:58 PM
This is really odd because the permissions are set for users to see the home page, and I don't seem to be getting what you are getting with that account.

I had a user last eve that used FF with this problem, and I told her to clear her cache. She did, and it worked fine since. She didn't have a problem being redirected to the home page either after that.

Okay, can you do me another quick favort and try this new account to see if you come up with the same problem?

Edited out by me

Lynne 05-04-2009 05:04 PM
That account works fine. I get sent to the /forums/ page and all is fine. And, when I click the home page link, I can see the page. Very, very odd!

I then went back and tried the first account, and now it is fine. But, the first two times I logged in using it, I got the problem I described. However, using this first account, I still get a No Permission message when hitting the Home link - http://marketersspaceforum.com/index.php

mmurtha 05-04-2009 05:09 PM
Yes it is very odd!

Now the only thing I did different was that I set the "Time and Date" option to "DST corrections always on" in the options when I set that account up.

It seems to be a problem with the DST function someplace.

Thanks so much for your help btw, I truly appreciate you!

Perhpas someone else who has a fix for this will come along, or maybe I'll hire a programmer to resolve the issue.

Lynne 05-04-2009 06:30 PM
The problem there is I'm redirected to marketspaceforum.com instead of www.marketspaceforum.com . I can see www.msf.com just fine. I would change this (in your footer):
HTML Code:
<form action="http://marketersspaceforum.com/forum/profile.php?do=dst" method="post" name="dstform">
To this:
HTML Code:
<form action="/forum/profile.php?do=dst" method="post" name="dstform">

mmurtha 05-04-2009 07:30 PM
Okay, I gave it a try, and thanks again!

Okay, Dan's going to check things in the backend. Maybe he'll come up with something.

--------------- Added [DATE]1241479397[/DATE] at [TIME]1241479397[/TIME] ---------------

Quote:
Originally Posted by Lynne (Post 1804450)
I am not getting a security token error when I log in. I am redirected to this page - http://marketersspaceforum.com/ - and told I have no permission. That is different than the security token error. I can try to click on the Home link, and I get the no permission error. This sounds like a problem with your vbadvanced (which I have no experience with).
Hey Lynne,

Just for the recoed, I believe you were right about this problem being in the VbCMPS. Dan took a look at it, and found out that vBulletin was looking in the footer template of vBa CMPS for the security token information instead of the predominate VB footer template.

We think he fixed the issue, so if someone else has this problem and is using vBCMPS, this might help.

angeljs 10-25-2009 08:36 PM
Just want to say thanks...this error has been driving me mad, so thanks for the fix! :)

gnagplank6 11-02-2009 04:10 PM
Quote:
Originally Posted by Dan Clement (Post 1804276)
Hi folks,

I was having the same error but I seem to have been able to resolve it. I'll run you through what I did in the hopes it'll sort you out too.

In the Admin CP, drop down Styles & Templates, then go to Style Manager. Find the skin you're having trouble with and go to Edit Templates. Find your 'footer' template and find the following snippet of code:

Code:
<!-- auto DST correction code -->
<form action="profile.php?do=dst" method="post" name="dstform">
<input type="hidden" name="s" value="$session[sessionhash]" />
</form>
From what I can make out, the error arises because the lines that calls upon the user's security token are omitted leading vB to think that the user doesn't have one. You need to add in a couple of lines to make vB call the security token. To do this, replace the code above with this:

Code:
<!-- auto DST correction code -->
<form action="profile.php?do=dst" method="post" name="dstform">
<input type="hidden" name="s" value="$session[sessionhash]" />
<input type="hidden" name="securitytoken" value="$bbuserinfo[securitytoken]" />
<input type="hidden" name="do" value="dst" />
</form>
Save your changes and try accessing your User CP again. Should have fixed you right up. If not, give me a shout.

Just to re-iterate, you should not have to edit profile.php at all to fix this error and in trying to do so you're probably more likely to break something!
Thanks, I have tried this solution and will post up on whether it works.

For some time now new users have been receiving the security token message and were unable to participate in the forum upon registering. I recently, within the last week, started receiving the "security token" message every time I tried to access my own user CP and sometimes when I tried to preview some of my posts. Today this issue mysteriously disappeared for me prior to executing the above solution. dunno why :confused:

I have read the available threads on this forum and so I have done my part. :) Any advice or help would be most appreciated.

This security token issue also happens to myself and others when I try to use the basic forum search function. Advanced search works just fine. :confused:

We are still in Beta but do have enough members that all these security token issues cause a great deal of consternation.

We are currently running VB 3.8.3 and are using a skin originally from vbskins.com which we totally customized for our site. It's awesome but until we fix these issues with some new members being unable to register and participate, as well as jacked basic search function we are dead in the water. :(

gnagplank6 11-04-2009 12:12 AM
Hey does anyone have any input on my above post????

I could use some advice here. Thanks.

gnagplank6 11-09-2009 11:24 AM
Well I ran the fix posted on by Dan Clement and so far it seems to work. Several people who were unable to log on now can.

Thanks Dan!!

CAN I PLEASE GET SOME INPUT on the reasons that my basic search function is not working? Any help would be most appreciated. I get a Security Token error when I try to use the basic quick search function, but strangely advanced search works fine.

I won't let this thread die.:D

Lynne 11-09-2009 03:51 PM
Quote:
Originally Posted by gnagplank6 (Post 1911941)
CAN I PLEASE GET SOME INPUT on the reasons that my basic search function is not working? Any help would be most appreciated. I get a Security Token error when I try to use the basic quick search function, but strangely advanced search works fine.
Did you add the securitytoken correctly to the search form in the navbar? Read this - Implementing CSRF Protection in modifications

gnagplank6 11-09-2009 11:19 PM
Quote:
Originally Posted by Lynne (Post 1912034)
Did you add the securitytoken correctly to the search form in the navbar? Read this - Implementing CSRF Protection in modifications
wow someone responded!!:D Thanks for your advice Lynne!!!

I will try to implement this fix ASAP and report back on the linked thread.

Ramya108 12-07-2009 07:42 PM
Quote:
Originally Posted by Angel-Wings (Post 1621656)

The "footer" templates usually cause this problem so it should be there. And - usually - the important line.
is missing so the redirection creates an error message.
Thank you!
That solved my problem

HS2005 05-10-2010 05:42 PM
Quote:
Originally Posted by Angel-Wings (Post 1621656)
That's a style based error and it can be fixed within some minutes :)

Open in your AdminCP the "Styles & Templates" and search for "profile.php" in the Default Template - looks like:


Then copy & paste this and replace it in the same Template in the Style causing the problem. :)

The "footer" templates usually cause this problem so it should be there. And - usually - the important line.


is missing so the redirection creates an error message.

Good one my friend! worked like a charm and very logical.:)

Speysider 05-10-2010 06:28 PM
ok? This thread is quite old.

A.Chakery 07-21-2010 12:08 PM
hi ,

I did what you said and edited the DST code lines in my footer. the usercp problem is solved.

but I have 2 new problems :

1.I am getting this security problem while searching
2.I am getting another strange problem about subscribtion links at thread tolls and navbar. when I click on these subsc. links it gives mt this error "

HTML Code:
vBulletin Message

You have been banned for the following reason:
No reason was specified.

Date the ban will be lifted: Never
please help me :(

--------------- Added [DATE]1279747279[/DATE] at [TIME]1279747279[/TIME] ---------------

no answer ?

BirdOPrey5 07-22-2010 02:12 AM
are you the forum administrator? Check your account to make sure it's not part of the banned usergroup. :confused:


All times are GMT. The time now is 08:04 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01464 seconds
  • Memory Usage 1,841KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (4)bbcode_code_printable
  • (3)bbcode_html_printable
  • (13)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (35)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete