Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

All other Modules /

Discuss all other Modules here.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Bugreport: Newsletter mailinglist import fails with security token error.


Reply


4 Posts   1202 Views

Avatar
Henk Poley

30 Posts

24 December 2010 at 4:46am

Edited: 24/12/2010 5:43am

Since the mysql server on http://open.silverstripe.org/ seems to go down more often than a hooker from Ciranus IV:

Importing a CSV file into a mailinglist in the newsletter 0.4.0-rc1 module fails with: "Security token doesn't match, possible CSRF attack."

Steps to reproduce:

1. Go to <yoursite>/admin/newsletter/
2. Click Mailing List
3. Click tab 'Import'
4. Enter a (simple) CVS file with FirstName, SurName, Email columns
5. Click 'Show contents' button
6. Click 'Confirm' button

What happens:

The message "Security token doesn't match, possible CSRF attack." is shown.

What is the expected output:

CSV file is imported.

It could be that I am doing something wrong. But I'm using pretty much stock Silverstripe and newsletter.

[Edit] Apparently the ticket was still posted: http://open.silverstripe.org/ticket/6295

Avatar
_Vince

Community Member, 161 Posts

17 January 2011 at 2:44pm

*bounce* Anybody?

Avatar
hive.net.au

Community Member, 40 Posts

26 March 2011 at 4:31am

There is an issue with the template and the form for submitting the import. my work around is as below. I also updated the above ticket. (http://open.silverstripe.org/ticket/6295)

My work around was to add the following to the Newsletter_RecipientImportField_Table.ss template file, so the security ID is passed on through. I agree that a more elegant way may be needed but this should get some people out of trouble.

<input class="hidden" type="hidden" id="RecipientImportField_UploadForm_UploadForm_SecurityID" name="SecurityID" value="$SecurityID" />

Needs to be inserted in to the form around line 20 of the template file.

Hope this is of some help.

Avatar
leonquiroga

Community Member, 3 Posts

21 April 2011 at 4:36pm

It works perfect to me.

Thanks a lot.

L.