search

Jefferson49 / Joomla_plugin_sexypolling_reloaded

Migration of the joomla plugin "Sexy Polling" to joomla 4.x
GNU General Public License v3.0
2 stars 3 forks source link

Ínvalid token (Joomla 5.1.0) #101

Closed WoodyF4u closed 4 months ago

WoodyF4u commented 4 months ago

Hi, When I publish the module on the site it seems to work fine. But every time the page is refreshed, this message appears as a popup: Invalid token.

What can I do to solve it?

Jefferson49 commented 4 months ago

Hi WoodyF4u,

thank you for reporting the issue. Sorry for the long delay for the answer. Currently, I am facing an issue with the email notifications, which sometimes don't work.

Maybe some background first: Joomla adds security tokens to forms. The security tokens keep sites safe from most Cross Site Request Forgery (CSRF) attacks. The tokens have an expiry time. When a page is accessed and the token is expired, the error "Invalid token" occurs. See also: https://www.joomlashack.com/blog/joomla/invalid-token/

The default behavior of Joomla should be that the token expires after 15 minutes. However, you might have to check the settings of your Joomla configuration. Check "Session Lifetime" under "System" in global configuration: https://www.joomlabeginner.com/blog/tutorials/82-how-to-increase-session-timeout-in-joomla

Does the "Invalid token" error only show up if the SexyPolling module is activated? Is the error message shown if you reload the site before "Session Lifetime" has expired (see above)?

WoodyF4u commented 4 months ago

I just adjusted the Session Lifetime from 15 to 30 minutes. Then I published the module again. Maybe adjusting that time triggered something. And now the Invalid Token message no longer appears.

So it seems to be solved.

WoodyF4u commented 4 months ago

I got excited too early. The message is back. Probably at the end of the Session time. Do you have an idea how to solve this? I just unpublished the module again.

Jefferson49 commented 4 months ago

I would need some more details. Which version of Sexy Polling are you currently using? Did you upgrade recently? From which version? Would you have the possiblility from your installation and data to downgrade to a former version?

Session lifetime was 30 min? You watched the issue after some 20+x min.? The session management usually works in a way that the session timeout gets resets after further clicks on the website. Did you leave the browser untouched for some time? And then reloaded the site?

Jefferson49 commented 4 months ago

Can you post a screenshot of the error message? Is it a Joomla error message? Or is it an error message of SexyPolling?

Jefferson49 commented 4 months ago

Can you replace the following file on your server by the attached file and see if the error still occurs? Make a copy/backup of the existing file before.

Just unzip the attached file and copy it to the following folder: \components\com_sexypolling\assets\js\sexypolling.js

sexypolling.js.zip

WoodyF4u commented 4 months ago

Hi, Before answering all the questions, I first replaced the old file with the new one. Then I waited for over an hour and then tested with different browsers. The message did not return. So it looks like the new file solved the problem.

Regards, Wouter

Jefferson49 commented 4 months ago

Before answering all the questions, I first replaced the old file with the new one. Then I waited for over an hour and then tested with different browsers. The message did not return. So it looks like the new file solved the problem.

Thank you very much for testing! Based on this information, I was able to fix the issue.

I will publish a new release pretty soon.

WoodyF4u commented 4 months ago

That's great. Thanks.