Hi guys I did upgrade from 2.13 to 2.14 and once I did I received the following error:
" Your session timed out while posting. Please go back and try again."
This in index page.
If i try to login by .. forum/index.php?action=profile;u=7144 it works.
Any idea?
I'm also getting this
A simple search for 'session timed out' would have yielded a boatload of threads about this in the last couple of days ...
Quote from: DebbieManning on May 17, 2017, 04:37:45 PM
I'm also getting this
you have a topic already on this. please stick to that topic. https://www.simplemachines.org/community/index.php?topic=553957.0
Quote from: Illori on May 17, 2017, 04:44:01 PM
Quote from: DebbieManning on May 17, 2017, 04:37:45 PM
I'm also getting this
you have a topic already on this. please stick to that topic. https://www.simplemachines.org/community/index.php?topic=553957.0
It isn't the same problem this user is getting tho mine is mod related this is sign in related but I have been made aware of this fault by my members which I didn't know about
either way this topic belongs to someone else and you have a topic open. so post about your issue in that topic so we can help you resolve the issue.
Some people read this topic by thinking that there is a problem... some others like me, I am reading it as indication about getting alerted or not.
Installation of 2.0.14 this when smoothly in my case.
And my advice to people reporting such problems this is that they should be more specific.
Reply message - session timeout, this is adjustable by the Admin.
Therefore here there is only one Good question and this is: Does time-out occurs despite the timing this be adjusted by the Administrator? (SMF settings)
i fixed this problem
find and check Sources/LogInOut.php file, must be exatcly like below. if there is any code between them, like session , delete that line.
// Are you guessing with a script?
spamProtection('login');
Quote from: ceylankral on July 04, 2017, 06:39:19 AMif there is any code between them, like session , delete that line.
Do not do that. At most, comment out the session line temporarily.
Removing that line disables the session check that was added to 2.0.14. It fixes the login problem, but may bork upcoming 2.0.15 if the line is missing when patch is installed. Depends on whether the devs make any changes that edit that block of code. You'd either have to remember to restore the code, or revert to 2.0.13, then upgrade .13 -> .14 -> .15.
Removing that line of code disables SECURITY that was added to 2.0.14... so, removing that line does a lot more than affect your possible 2.0.15 upgrade... it also affects your site security
It should not be done.
Quote from: ceylankral on July 04, 2017, 06:39:19 AM
i fixed this problem
find and check Sources/LogInOut.php file, must be exatcly like below. if there is any code between them, like session , delete that line.
// Are you guessing with a script?
spamProtection('login');
Up, any news on this problem? I had to comment this line too to make my members login.
are you using a custom theme? did you apply the fix to your theme if you are?
This problem has been reported on several forums that are running Curve with the correct updated login code. I worked on one, and had the glitch in a clean 2.0.14 install running in php 7.1. Only way to correct it is to remove session check in LogInOut.php. Was not able to determine the cause, but it may be related to unusual host config.
I am also having this issue. One of my members has been unable to log in for over a week so I don't think it's based on a timeout. I logged out (usually kept logged in all the time) and tried to log back in and also got the error.
Removing security checks is obviously not great, but I'm not quite sure what else we can do here. I'm not sure what good a secure forum is if no one can log in.
Someone suggested it could be a hosts file. What would I look for if so?
I poked at the code a bit. It seems that it's not sending it over post ($_POST['sc'] or $_POST[$_SESSION['session_var']]). I tried setting it to the 'request' mode as well which allows it over get and that fails as well. Assuming that's since it's supposed to be a post request, so makes sense. Is anyone familiar with these?
I am going to disable the check but hopefully someone has some insight here..
please open a separate topic for your issue, this topic belongs to someone else.
Are you running Curve or a custom theme?
Hi,
i figure it out but i dont no how to fix it. Im on anecdota.
If you use that Login-Part (at anecdota) on the upper right site my login fails for everyone.
But iy you use the login from the normal standard login like url..../index.php?action=login everything is fine.
But i have no idea why that smal port to login dosent work. I have not the biggest experience in coding
Hmmm. Anecdota links in the index.template.php to "login2"
(Linenumbers in frot)
216 <script language="JavaScript" type="text/javascript" src="', $settings['default_theme_url'], '/scripts/sha1.js"></script>
217 <form action="', $scripturl, '?action=login2" method="post" accept-charset="', $context['character_set'], '" style="margin: 4px 0;"', empty($context[' disable_login_hashing']) ? ' onsubmit="hashLoginPassword(this, \'' . $context['session_id'] . '\');"' : '', '>
If i change that to "login" it redirects my to my login-page (thats a workaround. My members must type twice, but the login at the second time are working)
Have you added the session check to Anecdota index.template.php?
<input type="hidden" name="hash_passwrd" value="" />
<input type="hidden" name="', $context['session_var'], '" value="', $context['session_id'], '" />
You have to add the second line.
Hmmm, try but there are no changes. Login dosent work
YES: Update. It works. I made a failure and remove a " with my fat fingers. It works !
THANKS
Attach the file.
It works. Fingertrouble. I made a diff and find it (my luck that my provider give me ssh-cli)
As so many different people have posted in this topic I'm marking it solved and locking it. Anyone who hasn't gotten an answer to your question, please start a new thread.