Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

All other Modules

Discuss all other Modules here.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Bugreport: Newsletter mailinglist import fails with security token error.


Reply

4 Posts   1198 Views

Avatar
Henk Poley

24 December 2010 at 4:46am (Last edited: 24 December 2010 5:43am), 30 Posts

Since the mysql server on http://open.silverstripe.org/ seems to go down more often than a hooker from Ciranus IV:

Importing a CSV file into a mailinglist in the newsletter 0.4.0-rc1 module fails with: "Security token doesn't match, possible CSRF attack."

Steps to reproduce:

1. Go to <yoursite>/admin/newsletter/
2. Click Mailing List
3. Click tab 'Import'
4. Enter a (simple) CVS file with FirstName, SurName, Email columns
5. Click 'Show contents' button
6. Click 'Confirm' button

What happens:

The message "Security token doesn't match, possible CSRF attack." is shown.

What is the expected output:

CSV file is imported.

It could be that I am doing something wrong. But I'm using pretty much stock Silverstripe and newsletter.

[Edit] Apparently the ticket was still posted: http://open.silverstripe.org/ticket/6295

Avatar
_Vince

17 January 2011 at 2:44pm Community Member, 161 Posts

*bounce* Anybody?

Avatar
hive.net.au

26 March 2011 at 4:31am Community Member, 40 Posts

There is an issue with the template and the form for submitting the import. my work around is as below. I also updated the above ticket. (http://open.silverstripe.org/ticket/6295)

My work around was to add the following to the Newsletter_RecipientImportField_Table.ss template file, so the security ID is passed on through. I agree that a more elegant way may be needed but this should get some people out of trouble.

<input class="hidden" type="hidden" id="RecipientImportField_UploadForm_UploadForm_SecurityID" name="SecurityID" value="$SecurityID" />

Needs to be inserted in to the form around line 20 of the template file.

Hope this is of some help.

Avatar
leonquiroga

21 April 2011 at 4:36pm Community Member, 3 Posts

It works perfect to me.

Thanks a lot.

L.