Welcome to Geeklog Saturday, November 17 2018 @ 12:33 am EST

Geeklog Forums

Session expired and data lost


Status: offline

OMAL

Forum User
Chatty
Registered: 06/12/17
Posts: 63
My client has an issue about the editor.
He was editting topics and had an error of expired token.
He is admin. He had this issue multiple times recently.
The error says
The security token for this operation has expired. Please authenticate again to continue.The security token for this operation has expired. If you want to continue with this operation, then please authenticate again below. This will ensure that the changes you just made will not be lost.
Then he input his id and password, whenever he did that, the texts he had editted was cleared and lost after that. He says it was so annoying.
I have no idea how to fix it because I don't know how to reproduce the issue. The session time is probably determined by geeklog system.

I want some advice and fix it.
Thanks.

geeklog version:2.1.3
editor:ckeditor

Status: offline

Laugh

Site Admin
Admin
Registered: 27/09/05
Posts: 1316
Hi OMAL,

Security tokens last 20 mins so you would need to open the editor on an article, wait over 20 minutes and then try to save the article to see the error.

Unfortunately that is an issue in Geeklog v2.1.3. The good news is that in Geeklog v2.2.0 it has been fixed so you could upgrade the site.

Your other option is you can try modifying the user file. It was the only file changed for the fix. I would not copy the whole file as that could create other issues in Geeklog v2.1.3 but you could copy over the changes to see if it is fixed:

Info on the issue: https://github.com/Geeklog-Core/geeklog/issues/837

Actual fix: https://github.com/Geeklog-Core/geeklog/commit/d678030514624eddcf14222a083fb330a88bd6ad

To find out more about CSRF tokens see:

http://wiki.geeklog.net/CSRF_Protection

https://en.wikipedia.org/wiki/Cross-site_request_forgery


One of the Geeklog Core Developers.

All times are EST. The time is now 12:33 am.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content