Posted on: 01/21/09 06:32am
By: worldfooty
Hi,
I upgraded to GL1.5.1 recently from GL1.4.0.
I've started to notice that sometimes I edit people's stories and then press save and I don't get the saved story message 9. Instead it goes back to the story list and only the stories for that topic are showing (the selection menu shows the specific topic).
I'm wondering if this is related to the CSRF fix mentioned here
http://www.geeklog.net/article.php/csrf[*1]
I don't know much about it, but could it be because some token expires? I typically have stories sitting there mid-edit for an hour or more - some are very long, some need emails answered or images edited, and sometimes I just wander off around the house.
If that is the problem, shouldn't it at least give an error message saying so, and suggesting pressing BACK and cut and pasting your hard work to somewhere safe?
There's a few issues like that which I'm curious about but I figure I should start a new thread for each topic.
Cheers,
Brett
Re: Stories not always saving
Posted on: 01/21/09 06:43am
By: Dirk
Yes, the CSRF token expires after 20 minutes. So you should at least hit Preview once in a while to refresh it.
And I agree, we should be displaying a warning message.
bye, Dirk
Re: Stories not always saving
Posted on: 01/21/09 06:57am
By: worldfooty
OK, I'll warn my other editors.
Does that mean error message is officially a request for future releases or should I note it somewhere?
Would this affect public users submitting stories as submissions or just editors?
Re: Stories not always saving
Posted on: 01/21/09 02:37pm
By: Dirk
Quote by: worldfootyDoes that mean error message is officially a request for future releases or should I note it somewhere?
Adding it on our bugtracker can't hurt ...
Quote by: worldfootyWould this affect public users submitting stories as submissions or just editors?
The CSRF protection is only implemented for the various admin functions.
bye, Dirk
Re: Stories not always saving
Posted on: 01/22/09 05:26am
By: ::Ben
Hello,
I made a
feature request[*2] for auto draft story, like this we could also bypass the CSRF token expiration.
::Ben
Re: Stories not always saving
Posted on: 01/27/09 07:36am
By: worldfooty
Oh dear, I warned all our regular writers about this timeout issue, but I've already had one guy come back and say he wrote a long story (his first for quite a while) and it didn't save because of this. The key being that he didn't notice until much later when it was too late. Hopefully he'll remember!
Re: Stories not always saving
Posted on: 02/12/09 07:33am
By: TeMpTiN
No matter what is at fault I always recommend writing stories and some time even forum posts in you local word processor and the copying to the story editor.
It is a pain some times but you should never loose your work to a timeout or connection glitch.
Re: Stories not always saving
Posted on: 02/14/09 12:53am
By: worldfooty
Yes, I tell our writers the same thing - and then fail to observe that rule myself.
I also discovered that the same thing happens with static pages, but even worse in that you can't use Preview to make sure it is "fresh".
Re: Stories not always saving
Posted on: 01/02/10 10:12am
By: Dirk
Re: Stories not always saving
Posted on: 01/02/10 10:55am
By: worldfooty
:banana:
That's great news! In my list of top 10 issues with Geeklog, it fills spots 1 to 6 !
It will be a great relief, especially with static pages where there was no hint, to know whether an article is saving.
The suggested solution looks nice and I like the text re-assuring the user that their changes will not be lost - that should stop people panicking and pressing Back.
Re: Stories not always saving
Posted on: 12/29/10 07:19am
By: worldfooty
Having just installed 1.7.1 (up from 1.5) I was very excited that the CSRF token expiration issue would go away.
Sure enough, I was logged in as myself with admin functions, editing a story, and it expired, so it took me to the authentication page, and I entered by username and password and it saved it okay. Yes!
But I've had the same thing happen several more times, with a complete failure. I've been editing, pressed saved and been sent to the page:
http://www.worldfootynews.com/admin/story.php
The security token for this operation has expired. Please authenticate again to continue.
Authentication Required
The security token for this operation has expired. If you want to continue with this operation, then please authenticate again below. This will ensure that the changes you just made will not be lost.
Username:
Password:
So I enter it, and then I get sent to:
http://www.worldfootynews.com/users.php
Authentication Required
Username:
Password:
All access to administrative portions of this web site are logged and reviewed.
This page is for the use of authorized personnel only.
I enter my username and password and end up at the moderation page, and my story is lost. If I go back on my browser, I get to the last version of the story prior to all my changes. So no way of recovering it.
Any ideas what is going wrong? I'm using Firefox and my user account is set to keep me logged in for 8 hours, and the error seems to occur even if I am still logged in.
Re: Stories not always saving
Posted on: 12/29/10 08:06am
By: worldfooty
I wonder if it is tied up with my whole login expiring? I just went back to my site, where I was logged in, and clicked on Stories from the admin menu, to go back and look at a story. It took me back to the login Authentication Required page (the url was /admin/story.php?mode=edit&editor=std&sid=20101229122021798), even though it had been only about 60 mins away from the window, and then when I entered my username and password it took me to /admin/moderation.php rather than the story I had clicked on.
Re: Stories not always saving
Posted on: 12/30/10 02:56am
By: ::Ben
Could it be a theme issue? Did you upgrade your theme?
::Ben
Re: Stories not always saving
Posted on: 12/30/10 08:43am
By: worldfooty
Woops, didn't mean to have an emoticon above.
My only theme is Professional, which I believe rolls out with GL 1.7.1, and I make the same mods to it after each upgrade. Are any of these likely to affect it?
\public_html\
lib-common.php - changed one case of Root to Story Admin so HTML checking not applied to Admins
\geeklog\language\
english_utf-8.php - some extra stuff
\geeklog\system\
lib-comment.php - 2 extra lines for comment form
lib-story.php - restrict hits display to only if > 150 and body not empty
lib-custom.php - added phpblock_submissions for my own submissions style
\public_html\
stats.php - commented out part so active users is registered users
\public_html\layout\professional\
footer.thtml - add credits to 2 other sotes, change widths to handle it
style.css - several changes to header section and added image-body
img section to put space across story images
leftblocks.thtml - added small WFN logo at top of LHS block
header.thtml - add banner and sponsor ad, required changes to style.css too, and new header-bg,
and add Google analytics code.
\public_html\layout\professional\comment\
commentform.thtml - insert the 2 extra lines for the comment form
commentform_advanced.thtml - insert the 2 extra lines for the comment form