Dirty Butter Posted September 20, 2017 Share Posted September 20, 2017 (edited) Since upgrading to 6.1.10 I cannot logout of admin without setting off the CSRF issue. In fact, it's not just a notice. It will not let me log out at all. I have to just close the tab via browser. I can stop this behavior by commenting out the new line a the bottom of admin/skins.csrf.inc.php. Since nobody else has mentioned this, it has to be something I've messed up somewhere else. Nothing in the error logs is helpful. Is there somewhere else in the new code that is related to that csrf.inc.php line that maybe I failed to upgrade? Edited September 20, 2017 by Dirty Butter Quote Link to comment Share on other sites More sharing options...
Al Brookbanks Posted September 20, 2017 Share Posted September 20, 2017 Yes there is a token on the logout link to make sure it is you logging yourself out. https://github.com/cubecart/v6/blob/master/admin/skins/default/templates/main.php#L25 Quote Link to comment Share on other sites More sharing options...
Dirty Butter Posted September 20, 2017 Author Share Posted September 20, 2017 That was it. THANKS!! 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.