9.03 - 403 error when granting groups via user profile: PHPFusion 9 Support

Home
Search

Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.

Quote

403
The link you followed may have expired, or the page may not be accessible to you.

I receive this error when attempting to grant custom groups via member profile pages. I can still add to group via admin panel as usual.

Thanks

0 replies

Falk

answered 12 Jun 2019 at 10:42 PM

Super Admin

It is prolly custom template in the theme, I can not replicate this issue. Still on Atom9?

0 replies

Atom9: StarCity doesn't have custom profile tpl

Also I can not replicate.

0 replies

Is there anything different about the build provided by Softoculus?

Any file permissions I should check out via ftp?

Edited by Scarcer3320 on 13-06-2019 08:55, 5 y

1 reply

Sorry, had a busy week.

Done, but no dice.

0 replies

Falk

answered 17 Jun 2019 at 01:59 PM

Super Admin

Check your Main settings under settings, verify domain and path info so they are correct.

0 replies

Troubleshooting has concluded that the infusion Avatar Studio is the culprit. Uninstalled and now it works like a charm.

Edited by Scarcer3320 on 17-06-2019 14:32, 5 y

0 replies

I had it working last night but it popped up again for both me and my assistant Super Admin. At least this time it came up in the log, I think.

Quote

214
215 if (\defender::safe()) {
216 // Store into session
217 $_SESSION['csrf_tokens'][self::pageHash($file)][$form_id][] = $token;
218 // Round robin consume token
219 if (count($_SESSION['csrf_tokens'][self::pageHash($file)][$form_id]) > $max_tokens) {
220 array_shift($_SESSION['csrf_tokens'][self::pageHash($file)][$form_id]);
221 }
222 } else {
223 if (!empty($_SESSION['csrf_tokens'])) {
224 $token_ring = $_SESSION['csrf_tokens'][self::pageHash($file)][$form_id];
Line 224 -- 3 minutes ago
Undefined index: /error.php
225 $ring = array_rand($token_ring, 1);
226 $token = $token_ring[$ring];
227 } else {
228 $_SESSION['csrf_tokens'][self::pageHash($file)][$form_id][] = $token;
229 }
230 }
231
232 // Debugging section
233 if (self::$debug) {
234 if (!self::safe()) {
235

Edited by Scarcer3320 on 18-06-2019 06:12, 5 y

0 replies

The token is pretty easy to fix on all version 7 infusions. Find all conventional <form> and replace with our function.

replace:

Code Download source


$action = FUSION_REQUEST;
echo "<form name='xyz' method='post' action='$action'> "

with:

Code Download source


$action = FUSION_REQUEST;
echo openform('xyz', 'post', $action);

0 replies

I'm not using any community infusions at the moment. All stock aside from CSS.

The avatar studio infusion is currently disabled

0 replies

Falk

answered 20 Jun 2019 at 06:22 AM

Super Admin

You can try to change sessions type to database under Admin > Settings > Security Settings, also up the amount of allowed tokens, perhaps some UF generate more.

0 replies

Yeah still not working for me or any of my admins.

0 replies

Cause found: cPanel ModSecurity is not compatible with php-fusion. All admin and user related 403 errors ceased with ModSecurity disabled.

0 replies

Category Forum

Suspected Bugs and Errors - 9

Labels

None yet

Statistics

Views 0 views
Posts 12 posts
Votes 0 votes
Topic users 4 members

4 participants

Notifications

Track thread

You are not receiving notifications from this thread.

9.03 - 403 error when granting groups via user profile

12 posts

PHPFusion

Resources

Community

Development