SwiftGameR Posted June 28, 2020 Share Posted June 28, 2020 So i fresh installed Mccodes v2.05b to my host to test my module to fix issues within my Advanced Drugs Module all was good but since like the last 3 days i have not been able to login due to a CSRF issue which is not working. I have done nothing have tried this on a fresh install and @Dave has said hes had not made any changes to the server so i was wondering if anyone else having this issue while being hosted by makewebgames? Quote Link to comment Share on other sites More sharing options...
Magictallguy Posted June 28, 2020 Share Posted June 28, 2020 I work for a small number of sites on the same host and have not experienced this issue. Check your session handling Quote Link to comment Share on other sites More sharing options...
SwiftGameR Posted June 29, 2020 Author Share Posted June 29, 2020 13 hours ago, Magictallguy said: I work for a small number of sites on the same host and have not experienced this issue. Check your session handling Okay thanks i dont seem to be having the issue on any other site i use but for some reason mccodes just wont read the csrf token being sent it is being sent i made sure of that i have made 0 changed to my mccodes v2.05b so i am stumped. Quote Link to comment Share on other sites More sharing options...
Magictallguy Posted June 29, 2020 Share Posted June 29, 2020 I remember experiencing this issue before in multiple other engines and almost every case came down to sessions. There was one or two cases where a token was being set before it was processed (invalidating the expected key before we could touch it) - check for duplicate calls to MCCv2's CSRF token generation function Quote Link to comment Share on other sites More sharing options...
SwiftGameR Posted July 29, 2020 Author Share Posted July 29, 2020 The csrf is working as i just added it to a staff file for my Advanced drugs module so not quite sure what is up i seem to be having the same issue with grpgv2 it just wont read the session anything i try to do just get the security timeout message but it was working and i have not really made any changes accept the header.php but i have tried to replace the csrf file with my code base in case it was the file and something to do with new updated header.php code. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.