Jump to content
MakeWebGames

Mccodes Csrf Issue


Recommended Posts

So i fresh installed Mccodes v2.05b to my host to test my module to fix issues within my Advanced Drugs Module all was good but since like the last 3 days i have not been able to login due to a CSRF issue which is not working. I have done nothing have tried this on a fresh install and @Dave has said hes had not made any changes to the server so i was wondering if anyone else having this issue while being hosted by makewebgames? 

Link to comment
Share on other sites

13 hours ago, Magictallguy said:

I work for a small number of sites on the same host and have not experienced this issue.
Check your session handling

Okay thanks i dont seem to be having the issue on any other site i use but for some reason mccodes just wont read the csrf token being sent it is being sent i made sure of that i have made 0 changed to my mccodes v2.05b so i am stumped.

Link to comment
Share on other sites

I remember experiencing this issue before in multiple other engines and almost every case came down to sessions.
There was one or two cases where a token was being set before it was processed (invalidating the expected key before we could touch it) - check for duplicate calls to MCCv2's CSRF token generation function

Link to comment
Share on other sites

  • 1 month later...

The csrf is working as i just added it to a staff file for my Advanced drugs module so not quite sure what is up i seem to be having the same issue with grpgv2 it just wont read the session anything i try to do just get the security timeout message but it was working and i have not really made any changes accept the header.php but i have tried to replace the csrf file with my code base in case it was the file and something to do with  new updated header.php code.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...