Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: A valid token could not be found  (Read 13437 times)

0 Members and 1 Guest are viewing this topic.

Cavey

  • Coppermine newbie
  • Offline Offline
  • Posts: 11
A valid token could not be found
« on: July 10, 2010, 02:50:11 pm »

Hello all,

Need some advice, i have upgraded to the newest version (version 1.5.6 from version 1.4.7). Whenever i try to set any settings, it will keep prompting the following error

File: /home/cavey/public_html/CPG-Tango/usermgr.php - Line: 1050 (File shown here changes with the last function)
or
Error
A valid form token could not be found.
File: /home/cavey/public_html/CPG-Tango/logout.php - Line: 31 

I checked the token lifetime and it is at the default 900. With this issue i cannot save or do anything

I would like to create an account as requested for testing purposes but the following above is preventing me from doing so. My website's CPG is at http://tango.kicks-ass.org/CPG-Tango

Any advice will be appreciated. Thank you in advice.


Logged

Joe Carver

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: us
  • Offline Offline
  • Gender: Male
  • Posts: 1503
  • aka 'i-imagine'
    • Home Page
Re: A valid token could not be found
« Reply #1 on: July 10, 2010, 03:23:07 pm »

Did you run update.php?

Cavey

  • Coppermine newbie
  • Offline Offline
  • Posts: 11
Re: A valid token could not be found
« Reply #2 on: July 10, 2010, 04:09:44 pm »

Opps yup should be update rather than upgrade.
Logged

Phill Luckhurst

  • Administrator
  • Coppermine addict
  • *****
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 4701
    • Windsurf.me
Re: A valid token could not be found
« Reply #3 on: July 10, 2010, 05:30:55 pm »

Is it fixed then? If so can you mark your thread as solved for the benefit of others - http://forum.coppermine-gallery.net/index.php/topic,55415.msg270631.html#msg270631
Logged
It is a mistake to think you can solve any major problems just with potatoes.

Cavey

  • Coppermine newbie
  • Offline Offline
  • Posts: 11
Re: A valid token could not be found
« Reply #4 on: July 10, 2010, 05:49:55 pm »

Hello Phill ,

Sorry for the confusion. it is not fixed. Was just replying that i did an update instead of an upgrade as stated in the first paragraph, still getting the error. Could it be a server setting? I have 2 upgraded 1.5.6 CPGs running on the same server (suffix is different for both) and both are getting the same issue.

Logged

Joe Carver

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: us
  • Offline Offline
  • Gender: Male
  • Posts: 1503
  • aka 'i-imagine'
    • Home Page
Re: A valid token could not be found
« Reply #5 on: July 10, 2010, 07:22:52 pm »

Opps yup should be update rather than upgrade.
??? I don't understand.
If you did not understand, I meant: http://tango.kicks-ass.org/CPG-Tango/update.php

Cavey

  • Coppermine newbie
  • Offline Offline
  • Posts: 11
Re: A valid token could not be found
« Reply #6 on: July 11, 2010, 05:39:27 am »

Hello Joe,

Sorry for the confusion, Yes i did run update.php to 1.5.6, everything appeared to be successful, but still getting the same error.

Anyway i tried deleting all files/db and did a fresh install and still got the error, just wondering, for the server end, is there a need to enable a php function in order for the token thing to work?

Thank you.
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: A valid token could not be found
« Reply #7 on: July 11, 2010, 10:15:34 am »

What PHP version do you have on your server?
Logged

Cavey

  • Coppermine newbie
  • Offline Offline
  • Posts: 11
Re: A valid token could not be found
« Reply #8 on: July 11, 2010, 10:28:20 am »

PHP Version 5.2.10
MySQL: 5.0.91
Apache: 2.2.0
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: A valid token could not be found
« Reply #9 on: July 11, 2010, 10:33:13 am »

Please post a non-admin test user account with privileges to have personal albums.
Logged

Cavey

  • Coppermine newbie
  • Offline Offline
  • Posts: 11
Re: A valid token could not be found
« Reply #10 on: July 11, 2010, 10:51:11 am »

Hello Joachim,

i would like to do so but the token error is stopping me from creating an account or from doing anything else. I have just set up another CPG Test gallery on that server for testing and troubleshooting purposes. If it is ok, can i PM you the details as it contains information the admin account.
Logged

Cavey

  • Coppermine newbie
  • Offline Offline
  • Posts: 11
Re: A valid token could not be found
« Reply #11 on: July 14, 2010, 05:42:57 pm »

Hello All,

Just thought i will update this thread before changing it to solved. After much testing, i found out that it was my own Internet Service Provider (ISP) causing this issue, tested over at 2 friend's places using different ISPs and it is ok. Server and CPG fresh installation and update was fine and wasnt the cause of this issue

Not sure what information sent from server to ISP to my pc is being blocked but i have already asked them to investigate. If there is a firm answer will post it here to help others.
Logged

Joe Carver

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: us
  • Offline Offline
  • Gender: Male
  • Posts: 1503
  • aka 'i-imagine'
    • Home Page
Re: A valid token could not be found
« Reply #12 on: July 15, 2010, 12:32:57 am »

Check to see if your IP address is stable over time. If you are on win, then open a command window and type....  

ipconfig /all     and recheck it a couple/few minutes later.


Or, use a web service  that echos your ip back to you
( http://network-tools.com works well, I use it for other reasons )
« Last Edit: July 15, 2010, 07:23:42 am by Joachim Müller »
Logged

Αndré

  • Administrator
  • Coppermine addict
  • *****
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 15761
Re: A valid token could not be found
« Reply #13 on: July 15, 2010, 07:46:17 am »

I don't know how the usual home networking looks in Singapore or in the US. But in Germany almost everyone has a DSL or cable connection with a router between the modem and the PC. So ipconfig /all returns your internal IP which doesn't matter in that scenario.

Please have a look how the token is generated:
Code: [Select]
$token = md5(USER_ID . $raw_ip . $superCage->server->getRaw('HTTP_USER_AGENT') . $CONFIG['site_token'] . $timestamp);Each value has to be identical to generate a valid token. So your IP mustn't change and your HTTP_USER_AGENT has to be the same, too.

If you have serious trouble with the form token, you have to determine where the culprit lies (probably your IP address) and adjust the token generation.
Logged

Cavey

  • Coppermine newbie
  • Offline Offline
  • Posts: 11
Re: A valid token could not be found
« Reply #14 on: July 15, 2010, 09:19:02 am »

Hello Joe, Andre,

For myself i am using a ADSL router, so yes the ip will be a private ip and wont change much there. Just for further testing I used a ADSL modem for direct connection to my PC and got the same result. IP and Browser were still the same ones.

Putting myself back to the ADSL router, when i used my ISP's proxy, it seems to work well,

Just wondering is it a good idea to remove the raw_ip from the line $token = md5(USER_ID . $raw_ip . $superCage->server->getRaw('HTTP_USER_AGENT') . $CONFIG['site_token'] . $timestamp);, can token generation work without that?
Logged

Αndré

  • Administrator
  • Coppermine addict
  • *****
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 15761
Re: A valid token could not be found
« Reply #15 on: July 15, 2010, 09:25:18 am »

can token generation work without that?
Yes. The same function is used for creating a token and checking if a token is (still) valid.
Logged

Cavey

  • Coppermine newbie
  • Offline Offline
  • Posts: 11
Re: A valid token could not be found
« Reply #16 on: July 15, 2010, 12:20:16 pm »

Thank you Andre, this did the trick with the token error.

However will try to look into why this happens to be the case for my IP/ISP
Logged
Pages: [1]   Go Up
 

Page created in 0.524 seconds with 21 queries.