Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
Reload this Page Missing Security Token - Template Issue
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 03-09-2009, 10:51 PM
RavrSimba RavrSimba is offline
 
Join Date: Mar 2008
Posts: 10
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Missing Security Token - Template Issue
I have searched and narrowed the problem down to my template. I'm using a very stripped down template for a mobile website. I'm lost when it comes to coding it to work correctly. I tried pulling the quickreply code from another template but then it doesn't display correctly. I do not want the WYSIG options, just a basic text input box and a "post" button.

Code:
$stylevar[htmldoctype]
<html dir="$stylevar[textdirection]" lang="$stylevar[languagecode]" xmlns="http://www.w3.org/1999/xhtml">
<head>
	$headinclude
	<title>$thread[title]<if condition="$pagenumber>1"> - <phrase 1="$pagenumber">$vbphrase[page_x]</phrase></if> - $vboptions[bbtitle]</title>
</head>
<body onload="$onload">
<div class="mobiletitle">
App
<a id="homeButton" class="mobilebutton" href="forumdisplay.php?$session[sessionurl]f=$forumID">Back</a>
<a class="mobilebutton" href="/search.php">Search</a>
</div>
<div align="left">
$navbar
</div>
<div align="center"><h2 id="title-thread">$thread[title]</h2></div>

<if condition="$show['largereplybutton']">
<if condition="$show['closethread']"><a class="mobile_button" href="#respuesta"></a><else /><div align="center"><img src="$stylevar[imgdir_button]/threadclosed.gif" alt="$vbphrase[closed_thread]" border="0" /></div></if>
</if>

<!-- / controls above postbits -->

$postbits

<if condition="$show['pagenav']">$pagenav</if>
<if condition="!$show['search_engine']">
<ul>
<li class="inline">
<strong>&laquo;</strong> <a href="showthread.php?$session[sessionurl]t=$threadid&amp;goto=nextoldest" rel="nofollow">$vbphrase[prev_thread]</a> | <a href="showthread.php?$session[sessionurl]t=$threadid&amp;goto=nextnewest" rel="nofollow">$vbphrase[next_thread]</a> <strong>&raquo;</strong>
</li>
</ul>
</if>

<a name="respuesta"></a>
<if condition="$show['quickreply']">
<!-- quick reply -->
<h1>$vbphrase[quick_reply]</h1>
<ul>
<li style="text-align:center;">
<form action="newreply.php?do=postreply&amp;t=$threadid" method="post" name="vbform" onsubmit="return qr_prepare_submit(this, $vboptions[postminchars]);" id="qrform">
$messagearea
<input type="hidden" name="fromquickreply" value="1" />
<input type="hidden" name="s" value="$session[sessionhash]" />
<input type="hidden" name="do" value="postreply" />
<input type="hidden" name="t" value="$threadid" id="qr_threadid" />
<input type="hidden" name="p" value="$qrpostid" id="qr_postid" />
<input type="hidden" name="parseurl" value="1" />
<input type="hidden" name="loggedinuser" value="$bbuserinfo[userid]" />
<input type="submit" class="button" style="margin-top: 20px;" value="$vbphrase[post_quick_reply]" accesskey="s" title="(Alt + S)" name="sbutton" tabindex="2" id="qr_submit" onclick="clickedelm = this.value" />
</form>
</li>
</ul>
<!-- end quick reply -->
</if>
$wrt_template
$footer
</body>
</html>
So essentially... I need to know what needs to be in the -- Quick Reply -- coding in order for it to work and not give a missing security token error.
Reply With Quote
  #2  
Old 03-09-2009, 10:54 PM
Lynne's Avatar
Lynne Lynne is offline
 
Join Date: Sep 2004
Location: California/Idaho
Posts: 41,180
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Here is the article about the security tokens - it has the line you need to add to your form in there. Implementing CSRF Protection in modifications
Reply With Quote
  #3  
Old 03-09-2009, 10:55 PM
ragtek ragtek is offline
 
Join Date: Mar 2006
Location: austria, croatia
Posts: 1,630
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
add
HTML Code:
<input type="hidden" name="securitytoken" value="$bbuserinfo[securitytoken]" />
under
HTML Code:
<input type="hidden" name="s" value="$session[sessionhash]" />
Reply With Quote
  #4  
Old 10-19-2010, 06:10 AM
vytran vytran is offline
 
Join Date: Sep 2010
Posts: 2
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
you find
showthread_quickreply
showthread_quickreply_full
and add
HTML Code:
<input type="hidden" name="s" value="{vb:raw session.sessionhash}" />
<input type="hidden" name="securitytoken" value="{vb:raw bbuserinfo.securitytoken}" />
Reply With Quote
  #5  
Old 10-19-2010, 09:41 AM
sulasno sulasno is offline
 
Join Date: Feb 2010
Posts: 588
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
why can't updated versions of vBulletin add the above codes ?
Reply With Quote
  #6  
Old 10-19-2010, 02:05 PM
Lynne's Avatar
Lynne Lynne is offline
 
Join Date: Sep 2004
Location: California/Idaho
Posts: 41,180
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Updated versions of the vB code does add in the above code. Problem is, too many admins don't bother to upgrade their templates after an upgrade and so they code doesn't get added.

You *need* to upgrade your custom templates after an upgrade!
Reply With Quote
  #7  
Old 10-20-2010, 12:02 AM
sulasno sulasno is offline
 
Join Date: Feb 2010
Posts: 588
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
I created a style using the style generator and occasionally still have the same problem
Reply With Quote
  #8  
Old 10-28-2010, 12:06 PM
fxwoody's Avatar
fxwoody fxwoody is offline
 
Join Date: Jun 2010
Location: On Earth
Posts: 291
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Ok, if i get it right, every where we have the sessionhash value, we should find the security token under it ! Right?
I'm having some trouble with one skin in particular, my other 4 are all ok but this one is giving me trouble with some options! Could it be this????
Reply With Quote
Reply

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 03:42 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04253 seconds
  • Memory Usage 2,233KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_code
  • (3)bbcode_html
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (8)post_thanks_box
  • (8)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (8)post_thanks_postbit_info
  • (8)postbit
  • (8)postbit_onlinestatus
  • (8)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete