The vB Geek

The vB Geek (http://www.thevbgeek.com/index.php)
-   Geek Article and Review System (http://www.thevbgeek.com/forumdisplay.php?f=26)
-   -   vB 3.7 Token Problem (http://www.thevbgeek.com/showthread.php?t=4304)

MotMann 05-22-2008 01:46 PM

vB 3.7 Token Problem
 
vB means, that the Problem is from GARS.

Is that right?

Morgan 05-22-2008 02:31 PM

http://www.thevbgeek.com/showthread.php?t=4190

MotMann 05-22-2008 04:01 PM

Yes, thats it .. thanks :)

markblair 06-05-2008 08:03 AM

I'm not sure if this is the same problem although it appears to be. I'm getting the following error and I have updated to GARS 2.1.8m.
Quote:

Your submission could not be processed because a security token was missing or mismatched.

If this occurred unexpectedly, please inform the administrator and describe the action you performed before you received this error.

Morgan 06-05-2008 05:10 PM

If you upgraded GARS after 25th April 2008 (see here) then GARS already has the changes for CSRF protection. If not, you need to do these changes. Otherwise, it could be another modification so temporarily turn off all modifications other than GARS to try and determine what modifications needs to be updated for CSRF protection.

markblair 06-06-2008 06:50 AM

Thanks for the suggestions Morgan. I tried disabling all of the products and add-ons (there aren't that many installed) and the problem still happens with them disabled. I am using the latest version but could this have anything to do with the fact that I changed domain names recently? GARS is licensed to me with the old domain name. I did submit a request to change the license information but it hasn't gone through yet.

Also, I have an RSS feed that automatically posts in the same forum where GARS is enabled. Those posts are working fine. However, when myself or one of my members tries to create a thread there, it fails with the above error message. Maybe this means something, I don't know.

Thanks again for looking into this. :)

Morgan 06-08-2008 06:49 PM

Look at what templates you have set in the ACP -> GARS -> Templates and make sure that the following is present after <form...method="post"> and before </form>:
Code:

<input type="hidden" name="securitytoken" value="$bbuserinfo[securitytoken]" />
All the default GARS templates have that line, but if you didn't revert the templates listed here, or are using your own custom templates, then you need to add that line to the templates. More information about CSRF protection can be found here.


All times are GMT. The time now is 04:40 PM.

Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.