Announcement

Collapse
No announcement yet.

CSRF Protection in AdminCp --- Please Help!!!

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • ru55ian
    replied
    I have managed (with extensive help from all of you) to get the board back to working condition.

    I only have one problem left if anyone can help with this i would really appreciate it:

    The only place i get this error now is after user registers, board redirects user to: /profile.php?do=dst

    I have tried everything to get rid of this, but still same thing.

    My question is: what file i need to modify to point the user somewhere else after the registration instead of this profile.php?do=dst

    Thanks in advance for all your help.

    Leave a comment:


  • Steve Machol
    replied
    Download a new vB zip file, then reupload all the original vB files, except the 'images' directory and install.php.

    Leave a comment:


  • ru55ian
    replied
    Hi, I have done that and i think this is the problem:

    global.php File does not contain expected contents


    As in global.php, but i have overwritten it 10 times from the original zip file in binary as well as Ascii and that message never changes.
    What else could be wrong here?

    please advise.

    Leave a comment:


  • Jose Amaral Rego
    replied
    You might also need to upload all non-image files in ASCII mode and then...
    Run - Maintenance > Diagnostics > Suspect File Versions and what method did you you to disable your products/plugins.

    Leave a comment:


  • ru55ian
    replied
    I have read that post and followed instructions, disabled all plugins, got my forum to work fine now, but admincp still giving me errors.

    Leave a comment:


  • Jose Amaral Rego
    replied
    It is a sticky.
    http://www.vbulletin.com/forum/showthread.php?t=268610

    Leave a comment:


  • ru55ian
    started a topic CSRF Protection in AdminCp --- Please Help!!!

    CSRF Protection in AdminCp --- Please Help!!!

    Hi, after upgrading to 3.6.10 I, just like many other users have experienced problems with CSRF, in particular following message:

    Code:
    Your submission could not be processed because a security token was missing or mismatched.
     
    If this occurred unexpectedly, please inform the administrator and describe the action you performed before you received this error.
    after reading many posts on how to fix the issue, i managed to restore most of my forum's functionality, but now i started getting this message in AdminCp, and from what i can understand, admincp shouldn't give you errors as all templates and files original without mod's.
    here are couple of messages i got so far, is there anyone out there that can point me in the right direction on how to fix this? P.S. i am not a coder or programmer, newbie, so please provide step by step instruction

    Code:
    Missing or Invalid Security Token detected.
     
    Script Call Backtrace
    =====================
    #0 /home/content/html/vb/includes/functions.php line 2420: eval()
    #1 /home/content/html/vb/includes/init.php line 417: fetch_error(security_token_missing,ltr,sendmessage.php)
    #2 /home/content/html/vb/admincp/global.php line 34: require_once(/home/content/html/vb/includes/init.php)
    #3 /home/content/html/vb/admincp/newsproxy.php line 25: require_once(/home/content/html/vb/admincp/global.php)
     
    POST Variables
    ==============
    Array
    (
        [securitytoken] => 
        [s] => 
        [do] => 
    )
     
    Request URI
    ===========
    /vb/admincp/newsproxy.php
    and:

    Code:
    Missing or Invalid Security Token detected.
     
    Script Call Backtrace
    =====================
    #0 /home/content/html/vb/includes/functions.php line 2420: eval()
    #1 /home/content/html/vb/includes/init.php line 417: fetch_error(security_token_missing,ltr,sendmessage.php)
    #2 /home/content/html/vb/admincp/global.php line 34: require_once(/home/content/html/vb/includes/init.php)
    #3 /home/content/html/vb/admincp/options.php line 34: require_once(/home/content/html/vb/admincp/global.php)
     
    POST Variables
    ==============
    Array
    (
        [do] => validate
        [adminhash] => ec871aa02f68ad2e40af6ef7ac7e0d46
        [setting] => Array
            (
                [cpstylefolder] => vBulletin_3_Blaze
            )
     
        [varname] => cpstylefolder
        [securitytoken] => 
        [s] => 
    )
     
    Request URI
    ===========
    /vb/admincp/options.php?do=validate&varname=cpstylefolder

Related Topics

Collapse

Working...
X