News:

SMF 2.1.3 has been released! Take it for a spin! Read more.

Main Menu

Patching to 2.0.14 test failed on custom theme.

Started by lurkalot, May 15, 2017, 05:01:44 PM

Previous topic - Next topic

Illori

this is not something we can fix in a patch. many custom themes do things differently so it requires some work on your end to make it work with with your custom theme.

Kindred

#21
Actually, this will not be "fixed" In Any future release, because the issue is that the login form changed to be more secure... and all themes that have a login box need to be updated.

So, this is not a bug...  this is an issue with custom themes that may require all themes to be updated by the author or the admin/user of the theme


edit -- darned autocorrect (also, did not see Illori's response above when I posted)
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

ForumGuy789

Ok thanks for the clarification. I saw Arantor say 'all themes need updating now' and thought it meant non-custom themes too.

Veee

I have a similar issue...

On my case and from the theme I am using, the code that's supposed to be edited isn't under index.template but BoardIndex, is it the same thing? Should I edit it there then?

Thanks!

vbgamer45

Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

Veee

It looks the same, just in a different file. Thank you!

Wellwisher

Thank you @vbgamer45 and @lurkalot this thread saved my life!!!

I too had the same problem, when I upgraded to 2.0.14.  ;D

I remember testing everything up until 2.0.13, everything was going well. Then I saw the upgrade to "2.0.14" button. It was like moth to a flame tbh. After that I began experiencing login problems. Luckily members could login via /index.php?action=login.

Thanks people. Phew, man I felt the stress levels rise like no tommarh....


paybacks1

#27
I have just upgraded to 2.0.14, and the fix posted to include the line of code does not seem to have worked for me. Can anyone provide any further assistance?

I am currently getting 'Your session timed out while posting. Please go back and try again.' This happens when attempting to login, not when posting.

Here is what I have in 'index.template.php':

<form action="', $scripturl, '?action=search2" method="post" accept-charset="', $context['character_set'], '" name="searchform2" id="searchform2">
        <div id="search_term_input2">

        <input placeholder="Search..." type="text" id="search" name="search"', !empty($context['search_params']['search']) ? ' value="' . $context['search_params']['search'] . '"' : '', ' maxlength="', $context['search_string_limit'], '" class="input_text" />
        </div>
        <input type="hidden" name="', $context['session_var'], '" value="', $context['session_id'], '" /></form>';


Does this seem to be the correct place?

I am also unable to log into the forum at all to access the admin panel (unsure if there is a way to access it otherwise).

vbgamer45

Not that area. It would be in either the following files index.template.php boardindex.template.php or login.template.php Attach them if you need help.
It would be any form that has login password box.
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

paybacks1

I have attached the files if you could point me in the right direction - thanks again

vbgamer45

boardindex and index.template.php are ok

Attach your SSI.php i see your theme uses some SSI functions..


Attached updated login.template.php file
Community Suite for SMF - Take your forum to the next level built for SMF, Gallery,Store,Classifieds,Downloads,more!

SMFHacks.com -  Paid Modifications for SMF

Mods:
EzPortal - Portal System for SMF
SMF Gallery Pro
SMF Store SMF Classifieds Ad Seller Pro

paybacks1

Thanks so much for the prompt replies! I seem to have 2 SSI files, they are attached.

paybacks1

Quote from: paybacks1 on June 15, 2017, 07:30:50 PM
Thanks so much for the prompt replies! I seem to have 2 SSI files, they are attached.

I actually managed to sort the issue out in the SSI2 file. I now have one other issue where the body of any post is not loading past the initial banner with the thread title, so I will have to see about that!

Thanks again for the assistance.

nax

I have a similar problem, I found that in my custom theme the <input type="hidden" name="hash_passwrd" value="" /> did not exist so I manually added it, the upgrade went ok.  Now after several days I'm getting the

An Error Has Occurred!
Your session timed out while posting. Please go back and try again.

I know nothing about SSI files can someone help me here.

nax

This also have another forum with bespoke themes where this happening. Users can still get in using

Myforum/index.php?action=login

I have added the suugested line of code within the form /form section as you can see from the sample below.  Would any files other than index.template be affected?

nax

Despite the upgrade having gone through successfully after I added the missing code in the form section that it  was looking for, the upgrade DID NOT change and replace that code.  I've now gone into both forums affected and can see that this is the case for both of them.  I have replaced the original missing line

<input type="hidden" name="hash_passwrd" value="" />

with

<input type="hidden" name="', $context['session_var'], '" value="', $context['session_id'], '" />

I'll see if that cures the problem.

nax

I've recently had an issue upgrading from 2.0.13 to 2.0.14 I think it is resolved BUT I have a few questions to help my understanding and clarification of how the SMF system works.

I have two sites let's call then A and B. Both sites use bespoke templates and the upgrade failed on both sites when it came to the following find and replace action :

Operation #2
Find: [Select]
<input type="hidden" name="hash_passwrd" value="" />
Replace With: [Select]
<input type="hidden" name="hash_passwrd" value="" /><input type="hidden" name="', $context['session_var'], '" value="', $context['session_id'], '" />

After double checking the current theme file location in Admin, I duly added the
<input type="hidden" name="hash_passwrd" value="" />
in the appropriate place in the login form area of the index.template.php file – I did this for both sites.

I ran the upgrade again and it went through no problem on both sites.
 
Then I started to get emails from users on both sites saying they couldn't login.

I checked the index.template.php file on sites A and B in the current theme directory and found that the line I had added had not been replaced, so I did the replacement manually and all seems to be well.

My question/concern is this: Why didn't the replacement happen? Should it have updated the index.template.php file in the core and babylon theme directories as well as I can see no changes to them.

Am I getting confused because some altered files are copied to the "Default" theme directory as the index.template.php has the correct updated code in it?

I'm just trying to sort out in my own mind how it works.

b4pjoe

I seem to be having this same problem. When I try to login I get:

Session verification failed. Please try logging out and back in again, and then try again.

The thing is I am NOT using a custom theme. I am using the SMF default curve theme. It did just happen after upgrading the forum to 2.0.14.

If it matters I do use the PortaMx portal but I am trying to login via the standard SMF login. Any ideas?

Sir Osis of Liver

That's a 2.0.14 bug, it's only affected a few forums.  Only way I found to fix it is disable sression check in LogInOut.php -



// Are you guessing with a script?
// checkSession('post');
spamProtection('login');



"The best laid schemes o' mice an' men / Gang aft a-gley." - Robert Burns

b4pjoe

Quote from: Sir Osis of Liver on November 06, 2017, 11:56:49 AM
That's a 2.0.14 bug, it's only affected a few forums.  Only way I found to fix it is disable sression check in LogInOut.php -



// Are you guessing with a script?
// checkSession('post');
spamProtection('login');



Well disabling that allowed me to login to the forum but when I try to go to admin it still wants my password and I get the same error after I enter it. And now it won't let me logout. Even after re-enabling checkSession. Same error. So now I still can't get into admin and now I can't logout.

Advertisement: