Welcome to Geeklog, Anonymous Saturday, December 21 2024 @ 06:33 am EST
Geeklog Forums
Session expired and data lost
Status: offline
OMAL
Forum User
Regular Poster
Registered: 12/06/17
Posts: 107
My client has an issue about the editor.
He was editting topics and had an error of expired token.
He is admin. He had this issue multiple times recently.
The error says
I have no idea how to fix it because I don't know how to reproduce the issue. The session time is probably determined by geeklog system.
I want some advice and fix it.
Thanks.
geeklog version:2.1.3
editor:ckeditor
He was editting topics and had an error of expired token.
He is admin. He had this issue multiple times recently.
The error says
The security token for this operation has expired. Please authenticate again to continue.The security token for this operation has expired. If you want to continue with this operation, then please authenticate again below. This will ensure that the changes you just made will not be lost.
Then he input his id and password, whenever he did that, the texts he had editted was cleared and lost after that. He says it was so annoying.I have no idea how to fix it because I don't know how to reproduce the issue. The session time is probably determined by geeklog system.
I want some advice and fix it.
Thanks.
geeklog version:2.1.3
editor:ckeditor
11
12
Quote
Status: offline
Laugh
Site Admin
Admin
Registered: 09/27/05
Posts: 1470
Location:Canada
Hi OMAL,
Security tokens last 20 mins so you would need to open the editor on an article, wait over 20 minutes and then try to save the article to see the error.
Unfortunately that is an issue in Geeklog v2.1.3. The good news is that in Geeklog v2.2.0 it has been fixed so you could upgrade the site.
Your other option is you can try modifying the user file. It was the only file changed for the fix. I would not copy the whole file as that could create other issues in Geeklog v2.1.3 but you could copy over the changes to see if it is fixed:
Info on the issue: https://github.com/Geeklog-Core/geeklog/issues/837
Actual fix: https://github.com/Geeklog-Core/geeklog/commit/d678030514624eddcf14222a083fb330a88bd6ad
To find out more about CSRF tokens see:
http://wiki.geeklog.net/CSRF_Protection
https://en.wikipedia.org/wiki/Cross-site_request_forgery
One of the Geeklog Core Developers.
Security tokens last 20 mins so you would need to open the editor on an article, wait over 20 minutes and then try to save the article to see the error.
Unfortunately that is an issue in Geeklog v2.1.3. The good news is that in Geeklog v2.2.0 it has been fixed so you could upgrade the site.
Your other option is you can try modifying the user file. It was the only file changed for the fix. I would not copy the whole file as that could create other issues in Geeklog v2.1.3 but you could copy over the changes to see if it is fixed:
Info on the issue: https://github.com/Geeklog-Core/geeklog/issues/837
Actual fix: https://github.com/Geeklog-Core/geeklog/commit/d678030514624eddcf14222a083fb330a88bd6ad
To find out more about CSRF tokens see:
http://wiki.geeklog.net/CSRF_Protection
https://en.wikipedia.org/wiki/Cross-site_request_forgery
One of the Geeklog Core Developers.
14
11
Quote
All times are EST. The time is now 06:33 am.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content