10848 Posts in 2516 Topics by 1792 members
|Go to End|
24 December 2010 at 4:46am Last edited: 24 December 2010 5:43am
Since the mysql server on http://open.silverstripe.org/ seems to go down more often than a hooker from Ciranus IV:
Importing a CSV file into a mailinglist in the newsletter 0.4.0-rc1 module fails with: "Security token doesn't match, possible CSRF attack."
Steps to reproduce:
1. Go to <yoursite>/admin/newsletter/
2. Click Mailing List
3. Click tab 'Import'
4. Enter a (simple) CVS file with FirstName, SurName, Email columns
5. Click 'Show contents' button
6. Click 'Confirm' button
The message "Security token doesn't match, possible CSRF attack." is shown.
What is the expected output:
CSV file is imported.
It could be that I am doing something wrong. But I'm using pretty much stock Silverstripe and newsletter.
[Edit] Apparently the ticket was still posted: http://open.silverstripe.org/ticket/6295
17 January 2011 at 2:44pm
26 March 2011 at 4:31am
There is an issue with the template and the form for submitting the import. my work around is as below. I also updated the above ticket. (http://open.silverstripe.org/ticket/6295)
My work around was to add the following to the Newsletter_RecipientImportField_Table.ss template file, so the security ID is passed on through. I agree that a more elegant way may be needed but this should get some people out of trouble.
<input class="hidden" type="hidden" id="RecipientImportField_UploadForm_UploadForm_SecurityID" name="SecurityID" value="$SecurityID" />
Needs to be inserted in to the form around line 20 of the template file.
Hope this is of some help.
21 April 2011 at 4:36pm
It works perfect to me.
Thanks a lot.
|Go to Top|