Jump to content
Sign in to follow this  
themixtapechannel

Upgrade from 6.2.2 to 6.4 Incomplete

Recommended Posts

Hey Everyone, Once again back with the same issue that I always have when upgrading. The not being able to login back in to Admin section after upgrade because the famous Security Alert: Possible Cross-Site Request Forgery (CSRF). Please do not use multiple tabs/windows or the browser back button. Learn more. ERROR.

Ofcourse I have tried everything possible as to figure out this issue with no luck as in every single upgrade no matter how I do it, it simply won't work no other way.

I used the below setting from "bsmither" help to work around it before, but this does not work on 6.4 version.

In /classes/sanitize.class.php, near line 145, find: static private function _stopToken() { Change to: static private function _stopToken() { return;

Does anyone know of another or a new way to overide the famous: Security Alert: Possible Cross-Site Request Forgery (CSRF). Please do not use multiple tabs/windows or the browser back button. Learn more. ERROR.

It would be much appreciated!

 

Thank you in advance for anyone's feedback!

Eddie

 

Share this post


Link to post
Share on other sites

Hi Eddie

You should never need to make any changes like that after any upgrade - the reason you get that CSRF error is because the upgrade hasn’t been completed correctly and you have a mix of files from different versions. As a minimum you will have the admin.php file (or whatever it has been renamed as) and the files in the /admin directory (again or whatever it has been renamed as) at different versions.  You may well have multiple different admin directories with files at different versions so you need to ch3ck the config.inc.php file to check what the admin file and directory should be called and then ensure that these are at the latest version and anything else is deleted / not accessed

ian

Share this post


Link to post
Share on other sites

Hey Moderator, Thank you very much for your heads up. After carefully viewing files structure, your 100% correct. The issue was in the admin_xxxx.php file where the upgrade would make a secondary and duplicate admin file in the format of admin_xxxx.php.php so I was deleting it do to global_config.php being configed to the old file, insted of deleting the old admin_xxxx.php and simply renaming the new admin_xxxx.php.php to admin_xxxx.php which was the correct way to go about it.

In short and simple words for anyone that runs into this issue. Simply delete your old admin_xxxx.php file from your home directory and rename the new admin_xxxx.php.php to admin_xxxx.php. Simply remove the extra .php that the upgrade creates to the admin_xxxx.php secondary file.

 

Well, problem resolved, thank you once again for the heads up Moderator. It is very appreciated!

Eddie

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

×
×
  • Create New...