Jump to content

Being Sent To Dashboard on Save


jkmorganpets

Recommended Posts

Periodically when I go to save a change, or save and reload, instead of saving then taking me back to the products page or the product I am working on, I get sent to the dashboard without any of my changes being saved. It has always done this, more of a nuisance than anything, but  now I have to add a lot of prices in the attributes, and doing a whole pile just to have them not saved it getting to me.

Anyone else experience this glitch on 5.2.16?

 

Jill

cc5.2.16

Link to comment
Share on other sites

This is a very unfortunate consequence of having implemented a measure of security. I have no explanation for the true reason why this measure of security is in place, but I can see its intent.

The intent I am assuming is to prevent the willy-nilly submission of form data, hoping to get bad data injected into the system by a rogue player. Having a cookie that controls the "admin's activity session" is one thing, but having a unique token that is checked against every form submission -- and is unique for every time Cubecart sends to you a form to fill out, is very clear in the effort to block against unexpected form submissions.

In CC3/4, not having this unique token get in the way meant I could open 40 tabs in my browser, make a minor adjustment as needed to each, then save each form -- all in rapid fire.

Not so with CC5/6. CubeCart remembers the last security token created with the most recent form sent out. Submitting a prior form means the latest security token is now expired and any more form submissions will not have a good security token. When Cubecart determines the security token is not what is expected, the form data submitted is trashed and the Dashboard is sent to the browser.

We can try to render impotent the security token.

Link to comment
Share on other sites

This type of security measure, known as the Synchronizer Token Pattern, is typically implemented to prevent Cross-Site Request Forgery attacks, which, while rare and usually difficult to pull off, can be very devastating when successful.

EDIT: Note that you can avoid getting sent to the dashboard by working with the admin panel open in only one tab at a time, which is unfortunate because having multiple tabs open to different parts of the admin panel often makes a task easier to complete.

Edited by bsandall
Link to comment
Share on other sites

So it's OK to open various tabs of Admin pages for reference, as long as all the others are just to look at, NOT edit/save?

Yes, as long as the page containing the form you want to submit is the last one you opened. If you open any other admin tab page afterward, and you entered some data but didn't submit the form, all that data will be lost*.

Thus, if you are planning to submit a form, I recommend you only have one tab open - it's easy to forget and open another tab by accident half-way through a form (I've done it lots... but maybe that's just me).

* Unless you open yet another tab to the same page and copy/paste that data over and then submit that one, but if you tried to submit the first one, *poof*

Edited by bsandall
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...