WSD Posted August 25, 2020 Share Posted August 25, 2020 I have decided to start a new thread instead of keep adding to an somebody elses old one. Last week i upgraded to the lastest version of all in one shipping module and now any time i try to make a change i get a CSRF warning. Bsmither was trying to help me get this sorted but we never managed to find a solution. I really need to get this sorted. Any ideas?? Bsmither was working on the admin file not being correct but when we changed that then i was unable to login to admin side of my website. Starting to wish i never bothered with the update now Thanks for your help Wil Link to comment Share on other sites More sharing options...
Al Brookbanks Posted August 25, 2020 Share Posted August 25, 2020 Increase the max_post_vars in PHP config. Link to comment Share on other sites More sharing options...
bsmither Posted August 25, 2020 Share Posted August 25, 2020 In working with WSD via email, we discovered that his site has /admin/ and /admin_aBcDeF/ folders. The /admin_aBcDeF/ version of CubeCart is before it added the hidden token input before each </form> tag in the Smarty output stream. Thus, the latest versions of AIOS is no longer compatible with earlier versions of CC as there is no longer any inclusion of the token to be POSTed. WSD has also found the forum conversations discussing max_input_vars and had already adjusted that to 8000. The quandry now is why, when having edited the global.inc.php file to use the /admin/ folder (the file dates correspond to CC629), did CC still want to use the older folder. Link to comment Share on other sites More sharing options...
WSD Posted August 27, 2020 Author Share Posted August 27, 2020 Any ideas anyone? Bsmither seems to have explained very well where we got upto. Link to comment Share on other sites More sharing options...
WSD Posted August 27, 2020 Author Share Posted August 27, 2020 Does anyone know of another shipping module that does similar to all in one shipping? Don't seem to be able to get this fixed after doing the update and need to make some changes to included and remove some countries from my shipping services. Link to comment Share on other sites More sharing options...
bsmither Posted August 27, 2020 Share Posted August 27, 2020 I coded a variant of the AIOS module's admin settings screen to add back the security token form element. Thus, it should now avoid the CSRF compatibility issue from having an older administration codebase. Link to comment Share on other sites More sharing options...
WSD Posted August 27, 2020 Author Share Posted August 27, 2020 Thanks bsmither will give that a try now Link to comment Share on other sites More sharing options...
mybpcreditcards Posted May 12, 2021 Share Posted May 12, 2021 I faced similar kind of issue last time, I am still searching for some proper solution..... mybpcreditcard Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.