themixtapechannel Posted March 8, 2019 Share Posted March 8, 2019 Hey Everyone, Once again back with the same issue that I always have when upgrading. The not being able to login back in to Admin section after upgrade because the famous Security Alert: Possible Cross-Site Request Forgery (CSRF). Please do not use multiple tabs/windows or the browser back button. Learn more. ERROR. Ofcourse I have tried everything possible as to figure out this issue with no luck as in every single upgrade no matter how I do it, it simply won't work no other way. I used the below setting from "bsmither" help to work around it before, but this does not work on 6.4 version. In /classes/sanitize.class.php, near line 145, find: static private function _stopToken() { Change to: static private function _stopToken() { return; Does anyone know of another or a new way to overide the famous: Security Alert: Possible Cross-Site Request Forgery (CSRF). Please do not use multiple tabs/windows or the browser back button. Learn more. ERROR. It would be much appreciated! Thank you in advance for anyone's feedback! Eddie Link to comment Share on other sites More sharing options...
havenswift-hosting Posted March 9, 2019 Share Posted March 9, 2019 Hi Eddie You should never need to make any changes like that after any upgrade - the reason you get that CSRF error is because the upgrade hasn’t been completed correctly and you have a mix of files from different versions. As a minimum you will have the admin.php file (or whatever it has been renamed as) and the files in the /admin directory (again or whatever it has been renamed as) at different versions. You may well have multiple different admin directories with files at different versions so you need to ch3ck the config.inc.php file to check what the admin file and directory should be called and then ensure that these are at the latest version and anything else is deleted / not accessed ian Link to comment Share on other sites More sharing options...
themixtapechannel Posted March 10, 2019 Author Share Posted March 10, 2019 Hey Moderator, Thank you very much for your heads up. After carefully viewing files structure, your 100% correct. The issue was in the admin_xxxx.php file where the upgrade would make a secondary and duplicate admin file in the format of admin_xxxx.php.php so I was deleting it do to global_config.php being configed to the old file, insted of deleting the old admin_xxxx.php and simply renaming the new admin_xxxx.php.php to admin_xxxx.php which was the correct way to go about it. In short and simple words for anyone that runs into this issue. Simply delete your old admin_xxxx.php file from your home directory and rename the new admin_xxxx.php.php to admin_xxxx.php. Simply remove the extra .php that the upgrade creates to the admin_xxxx.php secondary file. Well, problem resolved, thank you once again for the heads up Moderator. It is very appreciated! Eddie Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.